
There's also nary a mention about Microsoft's pro-security switch to a walled garden model

Online newspaper Inc. has published a pretty interesting account ripping into Windows RT, which it calls "Doomed".  The author, Geoffrey James, has a big warning for business: the platform is "inherently unstable and insecure."

The author lauds Apple, Inc.'s (AAPL) iPad as the new paradigm of glorious computing and security, while lashing Microsoft, writing:

I used to work in an operating system development group. One thing I learned back then is that any OS that allows applications to modify the OS will be inherently unstable and insecure.

Since Windows is designed to allow that to happen, both computer viruses and the gradual "rot" of the software installed on a Windows system are both inevitable. There is no way to fix the problem because it's inherent in Windows's design.
...
I'm a case in point. While I'm still using a Windows machine for most of my writing, I'm seriously thinking of "taking the leap" to only using my iPad simply to avoid the support headaches that are inevitable with Windows.

In short, the Surface is doomed because the entire concept behind it is flawed. Even plain Windows is getting so old and creaky that it's getting to be more a bother than it's worth.

But the columnist misses (or at least never mentions) that the device he targets in the byline (Surface) is currently only being sold with Microsoft Corp.'s (MSFT) Windows RT (Surface Pro -- the x86 version -- isn't expected until next month).  And not a single piece of traditional Windows malware can run on Windows RT without recompilation, as it runs on a fundamentally different architecture/instruction set (ARM) versus past versions of Windows (x86).


Surface RT can't run traditional x86 malware.
 
In other words, the columnist's negative experience of getting his laptop penetrated by a "root kit" is drastically less likely to occur in Windows RT, particularly while it enjoys such a peachy (from a security perspective) low market share, compared to traditional Windows.
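The architecture argument can be checked file by file, because every Windows executable declares its target instruction set in the Machine field of its PE/COFF header. The following is an added example, not code from the article or from Microsoft: `triage` and `make_stub` are hypothetical helper names, the sample bytes are constructed, and it assumes native Windows RT images carry the ARMNT machine type (0x01C4).

```python
import struct

# IMAGE_FILE_HEADER.Machine values from the PE/COFF specification.
MACHINE_NAMES = {
    0x014C: "x86 (I386)",
    0x8664: "x64 (AMD64)",
    0x01C0: "ARM",
    0x01C4: "ARM Thumb-2 (ARMNT)",
    0xAA64: "ARM64",
}
ARMNT = 0x01C4  # assumption: machine type of native Windows RT images


class NotPE(ValueError):
    """Input is not a well-formed PE image."""


def pe_machine(data: bytes) -> int:
    """Return the Machine field of a PE image's COFF header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise NotPE("missing MZ DOS header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of PE signature
    if e_lfanew + 6 > len(data):
        raise NotPE("e_lfanew points past end of file")
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise NotPE("missing PE signature")
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    return machine


def triage(data: bytes, host_machine: int = ARMNT) -> str:
    """Classify a file as native to the host, foreign-architecture, or not PE."""
    try:
        machine = pe_machine(data)
    except NotPE as exc:
        return f"not-pe ({exc})"
    name = MACHINE_NAMES.get(machine, f"unknown 0x{machine:04X}")
    verdict = "native" if machine == host_machine else "foreign-arch"
    return f"{verdict}: {name}"


def make_stub(machine: int, e_lfanew: int = 0x80) -> bytes:
    """Constructed sample: minimal DOS header + PE signature + COFF header."""
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    return bytes(dos) + b"PE\x00\x00" + struct.pack("<H", machine) + bytes(18)


if __name__ == "__main__":
    for label, blob in [("x86 stub", make_stub(0x014C)),
                        ("ARMNT stub", make_stub(ARMNT)),
                        ("text file", b"hello")]:
        print(f"{label:10s} -> {triage(blob)}")
```

The Machine field describes native code only, so a "foreign-arch" result says the image targets another instruction set, not that the file is benign.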

Another thing the columnist seems to miss is that in both Windows 8 and Windows RT, Microsoft adopts perhaps the biggest pro-security (but anti-openness) measure that has helped protect the iPad -- the switch to primarily using a "walled garden" model of software distribution.  In Windows 8 you primarily buy apps through the Windows Store.  Microsoft verifies each of these apps and can yank any app at any time if it is later discovered to pose some sort of security risk.

Microsoft now uses a similar pro-security "walled garden" model as Apple, pushing certified-safe apps from the Windows Store. [Image Source: ZDNet]

Granted, Microsoft does practice a laissez-faire policy regarding Windows 7 legacy software (which won't run on Windows RT, but will generally run on Windows 8) and plug-in based distribution models, such as the Java-based Valve client.  In this regard it differs from Apple, which strictly prohibits such freedoms. But increasingly, from here on out, users will be getting their apps from a single secure source -- Microsoft.

Additionally, the apps in Windows 8 are nicely sandboxed.  They simply are not allowed to "modify the OS" as the author suggests.  Windows 8 and Windows RT have robust protection against traditional attack vectors like memory injection, protections that rival those in the OS X tree.

Some criticisms of Windows 8 have been more level-headed, pointing out perfectly valid opinions that many share about places where the ambitious user interface redesign may have gone too far.  But some criticisms -- such as the argument to buy an iPad instead of a Surface RT because Windows is "unstable and insecure" -- are simply bizarre, to the point where they almost appear to be a comedic caricature of misconceptions surrounding the Windows platform.

Source: Inc.




Traditional programs won't run either...
By Magnus909 on 12/4/2012 12:23:57 PM , Rating: 2
Which is really the point.

It's the same with Linux.

Windows programs won't run without some treatment with Wine (and even then many won't work).
The system gets less popular due to this and isn't a popular target for malware creators because the user base is small.

What's the point anyway to run a virus free system if it doesn't have the apps you want to use?

Not a good selling point.
It is really secure, but you can't run anything interesting on it....

And if it gets more popular it will be attacked and the users will have a false sense of security, like what happened a while ago to OS X.




RE: Traditional programs won't run either...
By Argon18 on 12/4/12, Rating: 0
RE: Traditional programs won't run either...
By GatoRat on 12/4/2012 12:49:30 PM , Rating: 2
I took his point as being that just because a virus can run on operating system X, doesn't mean it will run on Y. Thus, when there is an alert, it's specific to an operating system.

quote:
The fact is that UNIX style operating systems are impervious to Viruses. They don't exist. Not for Linux, not for OSX, not for AIX, HP-UX, Solaris, the BSD's, etc. You get the picture. The only way to infect these types of machines is with a trojan - aka social engineering.

Absolute, utter bullshit. The first viruses WERE on UNIX. Linux is not nearly as secure as you believe and Windows is much more secure than you claim. You are a parody of the article writer the author of this article was mocking.

The comment about social engineering misses the boat; being completely pedantic, actual computer viruses are extremely rare. Trojans, however, are not and make up essentially 99.999% of the problem.

Your comment about the registry is laughable. Once you get access to Linux root, you're equally screwed. The fact is that if you have administrative rights to a system, that system is at risk every time you log on. Period.


RE: Traditional programs won't run either...
By andrewaggb on 12/4/2012 12:59:44 PM , Rating: 3
Wow. Linux systems get hacked all the time. Often because operators have failed to apply the latest security patches and often because they mistakenly believe that they can't be hacked....

There have been OpenSSL and SSH vulnerabilities, Apache vulnerabilities, etc. that open you up to hacking. Linux has some interesting stuff, like SELinux, and they are more likely to run a service as a separate user than a Windows program is (though Microsoft is good about doing this for many of their own products). Anyways, most browsers are sandboxed; Internet Explorer even has a low privilege mode that reduces it further in case something breaks out of the sandbox.


By Breakfast Susej on 12/4/2012 2:09:36 PM , Rating: 3
You've just run across one of the more unfortunate aspects of the Linux community, Arrogance and an unrealistic appraisal of reality.

With great power comes great annoying behavior and smug superiority. As one becomes accustomed to Linux, starts to learn about it, it is quite easy to get a little full of oneself with one's own ability. Tech oriented individuals are often very susceptible to this, frequently being socially awkward and unable to relate to people.

The Linux community as a whole would do well with a dose of humility.


RE: Traditional programs won't run either...
By bsd228 on 12/4/2012 2:08:55 PM , Rating: 1
> Absolute, utter bullshit. The first viruses WERE on UNIX. Linux is not nearly as secure as you believe and Windows is much more secure than you claim. You are a parody of the article writer the author of this article was mocking.

The first 'virus' was the Morris worm, yes, which took advantage of a lot of loose security standards from an era where that wasn't really a concern of the internet. The code maturity of these established protocols has advanced considerably since 1988, and the buffer overflow vulnerabilities were fleshed out quite a while ago. It's also important to note that this worm was not malicious in intent, but propagated much better than intended, resulting in a DoS attack.

The fundamental flaw in Windows security, particularly compared to unix, is that the running user typically has active Administrator rights. Unix users do not run as root. In Vista they tried to solve that by asking permission for every action, but that was such a pain that it was silenced in 7. I have no familiarity with what has changed with 8, but the app store by itself isn't enough. Windows users expect to be able to install things from any source.

I don't buy that RT is safe just because a recompile is necessary. Aside from targeting volume, hackers attack companies that annoy, and MS has always been a big red target.


RE: Traditional programs won't run either...
By Fritzr on 12/4/2012 7:54:59 PM , Rating: 2
The most important feature of a computer virus is the ability to self-replicate (in a sense every self-replicating program can be called a virus). The idea of self-replicating programs can be traced back to 1949, when the mathematician John von Neumann envisioned specialized computers or self-replicating automata sitting on modern office furniture, that could build copies of themselves and pass on their programming to their progeny.

Similarly the internet complete with a (very) intelligent search engine was first described in "A Logic Named Joe" by Murray Leinster, (Astounding 1946) included in the Baen book of the same title. Logics are now called PCs & frames are now called pages.

Star Trek season episode 15 was the first television production demonstrating the problems caused by "worms" (The Trouble with Tribbles) written by David Gerrold (1967)

A short story by David Gerrold appearing in Galaxy magazine was the first appearance of the term virus as applied to a computer program. (1969) The short story series was collected and released as a novel "When HARLEY was One" (1971) Revised and rereleased as "When HARLEY was One: Release 2.0" (1988)

The first documented virus was on a DEC PDP-10 running the TENEX operating system. Creeper (1971)

The second documented virus was on a DEC PDP-10 running the TENEX operating system. Reaper.
The malicious payload of Reaper was designed to delete Creeper :P

The program commonly credited as the first virus (actually a self spreading trojan) was run on UNIVAC. The OS was Sperry Rand's Exec 8. Creeper (1974)

The first IBM 360 virus (actually a fork-bomb type worm) was Rabbit on the ASP OS (1974)
Rabbit is now a class of virus (fork-bomb) that is found on any OS that allows a program to initiate a new process. In this sense, Rabbit is very much a problem on Unix and Unix clones such as Linux and BSD.

The term worm is coined (Shockwave Rider by John Brunner, 1975)

The first Apple virus was on an Apple II. Elk Cloner (1981)

VAX 11/750 virus demonstrated by Frederick Cohen. Cohen also uses the term "virus" for this type of malicious code. This is the beginning of this usage. (The actual origin was Cohen's teacher Leonard Adleman) (1983)

MS-DOS/PC-DOS/DR-DOS trojan horse ARF-ARF that deleted files, distributed by BBS (1983)

Infectious C compiler created that adds a login backdoor to a freshly compiled Linux OS. The login insertion is added to a recompilation of the compiler from source without a trace of the backdoor code. Author: Ken Thompson. Documented in the paper titled "Reflections on Trusting Trust" (1984)

Brain Boot sector virus running on IBM PC compatibles was the first true virus for MS-DOS and DOS clones. (1986)

First full stealth file infecting virus was BHP for the Commodore 64 (1986)

Burger for MS-DOS and clones was the first to infect multiple file types (EXE & COM) (1986)

First anti-virus programs available to anyone other than their developers came from IBM (1987)

SCA boot sector virus running on Amiga OS (1987)

CHRISTMA EXEC (Christmas.exec) multi-OS network worm infected computer networks using the REXX scripting language (1987)

The Morris virus (worm) running on VAX 4BSD and Sun-3 (Unix clones) is credited as the first worm to use the internet to spread (1988)

Festering Hate was the first malicious virus for Apple II and created an Anti-virus industry for the Apple II ProDOS OS (1988)

Frodo was the first full stealth virus for MS-DOS and clones (1989)

Staog is the first Linux virus. Note that it targets Linux specifically rather than Unix clones generically (1996)

Cabir is the first Symbian (mobile phone) virus. It uses Bluetooth to spread. It requires Symbian on Series 60 phones, but will infect any Bluetooth device that supports "Object Push Profile" (2004)

Mabir is a Cabir variant that uses the MMS messaging service to spread.

RavMonE.exe is an iPod malware that attacks Windows systems each time the iPod is connected (2006) This was distributed using iTunes videos for 6 days in September of 2006. Apple's explanation was that a Windows PC used in iPod production (The Quality Control computer :P ) was covertly inserting the code.

A quote from a Spamlaws.com article
quote:
The Truth about Linux Viruses

One of the biggest vulnerabilities of the Linux system is the users who have the misconception that it cannot be infected by computer viruses. Several people believe that any non-Windows system is secure and doesn't need the aid of additional software to ward off viruses. This is far from the truth and a major reason why more viruses are being written for the system.


From the developers of Ubuntu
https://help.ubuntu.com/community/Linuxvirus
quote:
The Reality

If you are going to trade files in a Windows world, you'll need to scan those files for viruses. You won't get infected, but you may help infect someone else. There are two ways to do this:
Run all the files through a server which checks for you. GMail, Yahoo mail, and Hotmail all have wonderful checking software.
Check the files for viruses yourself.

You can install a program called ClamAV. Install the package. It won't appear in the menu. Run it by getting to a command-line and type in "clamscan -h" to get some help on how to run it. If you really need to use a gui front-end and don't like the command-line then just install "clamtk". See the AntiVirus page for other antivirus packages and more detailed instructions.

Even if you do not trade files with the Windows world it is worth staying reasonably well up-to-date with normal updating procedures. https://help.ubuntu.com/community/InstallingSoftwa...

From Peter Radatti at Cybersoft.com is this intro to his paper on viral problems with a specific focus on Linux. Note the 1991 publication date. The first identified Linux virus arrives 5 years later.
Updated 1994 with comments on Unix viruses
Updated 1996 noting the release of Unix AV programs from companies that had been declaring "No need for AV if you run Unix" & MS-DOS boot sector viruses infect and destroy IBM PC clone Unix installs.
http://cybersoft.com/whitepapers/paper_details.php...
quote:
Copyright © September 1991, March 1996 by Peter V. Radatti All rights reserved.

This paper is intended to inform the UNIX and computer communities about formally undocumented computer virus problems. My observation of these problems were made at heterogeneous UNIX network sites and confirmed by discussions with system administrators at other sites. I believe that these problems are not limited to UNIX or heterogeneous networks. Furthermore, I expect the problems to expand in complexity, scope and virulence.

I have observed non-UNIX personal computers attached to a heterogeneous network that were infected with computer viruses originating from UNIX workstations. The UNIX systems were not the original point of entry for the viruses. The viruses were dormant while on the UNIX nodes and became harmful when they migrated to their target systems. The UNIX systems acted as unaffected carriers of computer viruses for other platforms of computers. For the sake of simplicity, I have coined the phrase "Typhoid Mary Syndrome" when describing this problem.


When looking up the history of viruses, the one thing agreed on is that Linux and other Unix clones are less vulnerable due to a lack of cross compatibility. The same thing that prevents the existence of simple cross-platform load & run program libraries for all *nixes is the cause of the dearth of cross-platform malware for *nixes.

The major strength of Unix & clones is also its worst feature when considering it as a Windows mass market replacement :D

There is a lot of history available if you want to look for it :)


RE: Traditional programs won't run either...
By Gondor on 12/5/2012 12:50:17 PM , Rating: 2
quote:
Infectious C compiler created that adds a login backdoor to a freshly compiled Linux OS. The login insertion is added to a recompilation of the compiler from source without a trace of the backdoor code. Author: Ken Thompson. Documented in the paper titled "Reflections on Trusting Trust" (1984)


Ah yes, the dreaded freshly compiled Linux OS from 1986.


By Fritzr on 12/5/2012 11:29:48 PM , Rating: 2
The point of that particular creation was: Can you trust your tools to generate trustworthy products?

This particular example allows the suspicious user to examine the source code of the compiler to ensure that there is no malicious code.

This vetted source is now used to compile a trusted compiler. However, the compiler used to compile the trusted source generating a trusted binary inserts code that will place the backdoor into a Linux kernel compiled with the trusted compiler.

Since the Kernel source was vetted and the compiler source was vetted then the compromised binary has no backdoor...right?

Nope wrong ... a tool in the toolchain used to create the trusted toolchain was compromised, resulting in insecure trusted secure binaries.

That compiler was a publicized example. How many of your tools are compromised without your knowledge? How do you know that your answer is correct?


By Breakfast Susej on 12/4/2012 2:15:37 PM , Rating: 2
Social engineering is extremely effective. Even in the Unix derived world.

For an interesting insight into this read Kevin Mitnick's "Ghost in The Wires". Much of his hacking was achieved through social engineering the way he describes it. The rest being achieved through ingenuity and unpatched vulnerabilities.


By tech4tac on 12/4/2012 1:26:16 PM , Rating: 2
quote:
The fact is that UNIX style operating systems are impervious to Viruses. They don't exist. Not for Linux, not for OSX, not for AIX, HP-UX, Solaris, the BSD's, etc.


Ummm... yes there are: ever heard of Bliss? Bliss wasn't even the first, just more publicized.

The fact is ANY computer can get a virus... some are just better at preventing/containing infections than others. Malware are just programs written with mischievous intent and viruses are a classification of malware that has the characteristic of replication. In theory, *nix based OSes should contain malware within the users profile, but exploiting bugs for privilege escalation to obtain root privileges can result in system wide infections.


By Piiman on 12/29/2012 1:55:29 PM , Rating: 2
"not for OSX"
Not true

""Macs don't get viruses." You've heard it a lot, and while it's never been true, Apple hasn't gone out of its way to clear the air on the matter"

Linux:
again not true

Linux malware includes viruses, trojans, worms and other types of malware that affect the Linux operating system. Linux, Unix and other Unix-like computer operating systems are generally regarded as very well-protected, but not immune, from computer viruses.[1][2]

And I'll guess that your other claims of no viruses on other Linux platforms are also untrue.


By Breakfast Susej on 12/4/2012 12:40:41 PM , Rating: 2
Microsoft gets a bad rap for security and perhaps it is well deserved from the days when their security was so bad as to be both laughable and frightening at the same time.

In fairness to them however their security is currently quite good, and they are the target of things that Linux and OSX just do not have to deal with.

As a Linux user, I am not a terribly great fan of wine. My preferred alternative, albeit heavy handed and requiring a license, (assuming you don't wear an eyepatch and sport a peg leg) is to run Windows in virtualbox for the few things that I do need it for.

The majority of my workplace has been migrated to Linux with very good success, and those users that do require office here and there just use a VM as well. I have set up office 2007 to work relatively well in Wine, but it's pretty awful still and popping open a VM when you need it is far better in my eyes.

The best thing has been the administration standpoint for myself, maintaining Linux desktops is a comparative treat.
















Copyright 2014 DailyTech LLC.