
There's also nary a mention about Microsoft's pro-security switch to a walled garden model

Online newspaper Inc. has published a pretty interesting account ripping into Windows RT, which it calls "Doomed".  The author, Geoffrey James, has a big warning to business -- "inherently unstable and insecure."

The author lauds Apple, Inc.'s (AAPL) iPad as the new paradigm of glorious computing and security, while lashing Microsoft, writing:

I used to work in an operating system development group. One thing I learned back then is that any OS that allows applications to modify the OS will be inherently unstable and insecure.

Since Windows is designed to allow that to happen, both computer viruses and the gradual "rot" of the software installed on a Windows system are both inevitable. There is no way to fix the problem because it's inherent in Windows's design.
I'm a case in point. While I'm still using a Windows machine for most of my writing, I'm seriously thinking of "taking the leap" to only using my iPad simply to avoid the support headaches that are inevitable with Windows.

In short, the Surface is doomed because the entire concept behind it is flawed. Even plain Windows is getting so old and creaky that it's getting to be more a bother than it's worth.

But the columnist misses (or at least never mentions) that the device he targets in the byline (Surface) is currently only being sold with Microsoft Corp.'s (MSFT) Windows RT (Surface Pro -- the x86 version -- isn't expected until next month).  And not a single piece of traditional Windows malware can run on Windows RT without recompilation, as it runs on a fundamentally different architecture/instruction set (ARM) versus past versions of Windows (x86).

Surface RT can't run traditional x86 malware.
In other words, the columnist's negative experience of getting his laptop penetrated by a "root kit" is drastically less likely to occur in Windows RT, particularly while it enjoys such a peachy (from a security perspective) low market share, compared to traditional Windows.

Another thing the columnist seems to miss is that with both Windows 8 and Windows RT, Microsoft offers perhaps the biggest pro-security (but anti-openness) shift that has helped protect the iPad -- the switch to primarily using a "walled garden" model of software distribution.  In Windows 8 you primarily buy apps through the Windows Store.  Microsoft verifies each of these apps and can yank any app at any time if it is later discovered to pose some sort of security risk.

Microsoft now uses a similar pro-security "walled garden" model as Apple, pushing certified-safe apps from the Windows Store. [Image Source: ZDNet]

Granted, Microsoft does practice a laissez-faire policy regarding Windows 7 legacy software (which won't run on Windows RT, but will generally run on Windows 8) and plug-in based distribution models, such as the Java-based Valve client.  In this regard it differs from Apple, which strictly prohibits such freedoms. But increasingly from here on out users will be getting their apps from a single secure source -- Microsoft.

Additionally, the apps in Windows 8 are nicely sandboxed.  They simply are not allowed to "modify the OS" as the author suggests.  Windows 8 and Windows RT have robust protection against traditional attack vectors like memory injection, protections that rival those in the OS X tree.

Some criticisms of Windows 8 have been more even-handed, pointing out perfectly valid opinions that many share about places where the ambitious user interface redesign may have gone too far.  But some criticisms -- such as the argument to buy an iPad instead of a Surface RT because Windows is "unstable and insecure" -- are simply bizarre, to the point where they almost appear to be a comedic caricature of the misconceptions surrounding the Windows platform.

Source: Inc.


RE: Traditional programs won't run either...
By bsd228 on 12/4/2012 2:08:55 PM , Rating: 1
> Absolute, utter bullshit. The first viruses WERE on UNIX. Linux is not nearly as secure as you believe and Windows is much more secure than you claim. You are a parody of the article writer the author of this article was mocking.

The first 'virus' was the Morris worm, yes, which took advantage of a lot of loose security standards from an era where that wasn't really a concern of the internet. The code maturity of these established protocols has advanced considerably since 1988, and the buffer overflow vulnerabilities were fleshed out quite a while ago. It's also important to note that this worm was not malicious in intent, but propagated much better than intended, resulting in a DoS attack.

The fundamental flaw in Windows security, particularly compared to unix, is that the running user typically has active Administrator rights. Unix users do not run as root. In Vista they tried to solve that by asking permission for every action, but that was such a pain that it was silenced in 7. I have no familiarity with what has changed with 8, but the app store by itself isn't enough. Windows users expect to be able to install things from any source.

I don't buy that RT is safe just because a recompile is necessary. Aside from targeting volume, hackers attack companies that annoy, and MS has always been a big red target.

RE: Traditional programs won't run either...
By Fritzr on 12/4/2012 7:54:59 PM , Rating: 2
The most important feature of a computer virus is the ability to self-replicate (in a sense every self-replicating program can be called a virus). The idea of self-replicating programs can be traced back to 1949, when the mathematician John von Neumann envisioned specialized computers or self-replicating automata sitting on modern office furniture, that could build copies of themselves and pass on their programming to their progeny.

Similarly the internet complete with a (very) intelligent search engine was first described in "A Logic Named Joe" by Murray Leinster, (Astounding 1946) included in the Baen book of the same title. Logics are now called PCs & frames are now called pages.

Star Trek season episode 15 was the first television production demonstrating the problems caused by "worms" (The Trouble with Tribbles) written by David Gerrold (1967)

A short story by David Gerrold appearing in Galaxy magazine was the first appearance of the term virus as applied to a computer program. (1969) The short story series was collected and released as a novel "When HARLEY was One" (1971) Revised and rereleased as "When HARLEY was One: Release 2.0" (1988)

The first documented virus was on a DEC PDP-10 running the TENEX operating system. Creeper (1971)

The second documented virus was on a DEC PDP-10 running the TENEX operating system. Reaper.
The malicious payload of Reaper was designed to delete Creeper :P

The program commonly credited as the first virus (actually a self spreading trojan) was run on UNIVAC. The OS was Sperry Rand's Exec 8. Creeper (1974)

The first IBM 360 virus (actually a fork-bomb type worm) was Rabbit on the ASP OS (1974)
Rabbit is now a class of virus (fork-bomb) that is found on any OS that allows a program to initiate a new process. In this sense, Rabbit is very much a problem on Unix and Unix clones such as Linux and BSD.

The term worm is coined (Shockwave Rider by John Brunner, 1975)

The first Apple virus was on an Apple II. Elk Cloner (1981)

VAX 11/750 virus demonstrated by Frederick Cohen. Cohen also uses the term "virus" for this type of malicious code. This is the beginning of this usage. (The actual origin was Cohen's teacher Leonard Adleman) (1983)

MS-DOS/PC-DOS/DR-DOS trojan horse ARF-ARF that deleted files, distributed by BBS (1983)

Infectious C compiler created that adds a login backdoor to a freshly compiled Linux OS. The login insertion is added to a recompilation of the compiler from source without a trace of the backdoor code. Author: Ken Thompson. Documented in the paper titled "Reflections on Trusting Trust" (1984)

Brain Boot sector virus running on IBM PC compatibles was the first true virus for MS-DOS and DOS clones. (1986)

First full stealth file infecting virus was BHP for the Commodore 64 (1986)

Burger for MS-DOS and clones was the first to infect multiple file types (EXE & COM) (1986)

First anti-virus programs available to anyone other than their developers came from IBM (1987)

SCA boot sector virus running on Amiga OS (1987)

CHRISMA EXEC (Christmas.exec) multi-OS network worm infected computer networks using the REXX scripting language (1987)

The Morris virus (worm) running on VAX 4BSD and Sun-3 (Unix clones) is credited as the first worm to use the internet to spread (1988)

Festering Hate was the first malicious virus for Apple II and created an Anti-virus industry for the Apple II ProDOS OS (1988)

Frodo was the first full stealth virus for MS-DOS and clones (1989)

Staog is the first Linux virus. Note that it targets Linux specifically rather than Unix clones generically (1996)

Cabir is the first Symbian (mobile phone) virus. It uses Bluetooth to spread. It requires Symbian on Series 60 phones, but will infect any Bluetooth device that supports "Object Push Profile" (2004)

Mabir is a Cabir variant that uses the MMS messaging service to spread.

RavMonE.exe is an iPod malware that attacks Windows systems each time the iPod is connected (2006) This was distributed using iTunes videos for 6 days in September of 2006. Apple's explanation was that a Windows PC used in iPod production (The Quality Control computer :P ) was covertly inserting the code.

A quote from an article
The Truth about Linux Viruses

One of the biggest vulnerabilities of the Linux system is the users who have the misconception that it cannot be infected by computer viruses. Several people believe that any non-Windows system is secure and doesn't need the aid of additional software to ward off viruses. This is far from the truth and a major reason why more viruses are being written for the system.

From the developers of Ubuntu
The Reality

If you are going to trade files in a Windows world, you'll need to scan those files for viruses. You won't get infected, but you may help infect someone else. There are two ways to do this:
Run all the files through a server which checks for you. GMail, Yahoo mail, and Hotmail all have wonderful checking software.
Check the files for viruses yourself.

You can install a program called ClamAV. Install the package. It won't appear in the menu. Run it by getting to a command-line and type in "clamscan -h" to get some help on how to run it. If you really need to use a gui front-end and don't like the command-line then just install "clamtk". See the AntiVirus page for other antivirus packages and more detailed instructions.

Even if you do not trade files with the Windows world it is worth staying reasonably well up-to-date with normal updating procedures.

From Peter Radatti at is this intro to his paper on viral problems with a specific focus on Linux. Note the 1991 publication date. The first identified Linux virus arrives 5 years later.
Updated 1994 with comments on Unix viruses
Updated 1996 noting the release of Unix AV programs from companies that had been declaring "No need for AV if you run Unix" & MS-DOS boot sector viruses infect and destroy IBM PC clone Unix installs.
Copyright © September 1991, March 1996 by Peter V. Radatti All rights reserved.

This paper is intended to inform the UNIX and computer communities about formally undocumented computer virus problems. My observation of these problems were made at heterogeneous UNIX network sites and confirmed by discussions with system administrators at other sites. I believe that these problems are not limited to UNIX or heterogeneous networks. Furthermore, I expect the problems to expand in complexity, scope and virulence.

I have observed non-UNIX personal computers attached to a heterogeneous network that were infected with computer viruses originating from UNIX workstations. The UNIX systems were not the original point of entry for the viruses. The viruses were dormant while on the UNIX nodes and became harmful when they migrated to their target systems. The UNIX systems acted as unaffected carriers of computer viruses for other platforms of computers. For the sake of simplicity, I have coined the phrase "Typhoid Mary Syndrome" when describing this problem.

When looking up the history of viruses, the one thing agreed on is that Linux and other Unix clones are less vulnerable due to a lack of cross compatibility. The same thing that prevents the existence of simple cross-platform load & run program libraries for all *nixes is the cause of the dearth of cross-platform malware for *nixes.

The major strength of Unix & clones is also its worst feature when considering it as a Windows mass market replacement :D

There is a lot of history available if you want to look for it :)

RE: Traditional programs won't run either...
By Gondor on 12/5/2012 12:50:17 PM , Rating: 2
Infectious C compiler created that adds a login backdoor to a freshly compiled Linux OS. The login insertion is added to a recompilation of the compiler from source without a trace of the backdoor code. Author: Ken Thompson. Documented in the paper titled "Reflections on Trusting Trust" (1984)

Ah yes, the dreaded freshly compiled Linux OS from 1986.

By Fritzr on 12/5/2012 11:29:48 PM , Rating: 2
The point of that particular creation was: Can you trust your tools to generate trustworthy products?

This particular example allows the suspicious user to examine the source code of the compiler to ensure that there is no malicious code.

This vetted source is now used to compile a trusted compiler. However the compiler used to compile the trusted source generating a trusted binary inserts code that will place the backdoor into a Linux kernel compiled with the trusted compiler.

Since the Kernel source was vetted and the compiler source was vetted then the compromised binary has no backdoor...right?

Nope wrong ... a tool in the toolchain used to create the trusted toolchain was compromised, resulting in insecure trusted secure binaries.

That compiler was a publicized example. How many of your tools are compromised without your knowledge? How do you know that your answer is correct?
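Fritzr's last question has a standard defensive answer: diverse double-compiling (David A. Wheeler's technique), which rebuilds the suspect compiler from its vetted source using an independent toolchain and checks that the result reproduces the suspect binary. The model below is an added example, not code from the thread or from any real compiler; the "compilers" are toy objects whose only behaviour is the two triggers described in the comment (backdoor the login program, re-infect a rebuilt compiler), and all names and sources are constructed.

```python
from dataclasses import dataclass

# Constructed labels for the two source trees discussed in the thread.
LOGIN_SRC = "login.c"      # the program that receives the hidden backdoor
COMPILER_SRC = "cc.c"      # vetted compiler source: contains no backdoor code


@dataclass(frozen=True)
class Binary:
    """Toy compiler/program binary, described only by its behaviour."""
    name: str
    backdoored: bool = False    # a built login accepts a hidden password
    trojaned_cc: bool = False   # a built compiler re-inserts both triggers


def compile_with(cc: Binary, source: str) -> Binary:
    """Build `source` with compiler `cc`; output depends only on the inputs
    (deterministic builds are what make the comparison below meaningful)."""
    if source == LOGIN_SRC:
        return Binary("login", backdoored=cc.trojaned_cc)
    if source == COMPILER_SRC:
        # Clean source, but a trojaned compiler recognises it and propagates.
        return Binary("cc", trojaned_cc=cc.trojaned_cc)
    raise ValueError(f"unknown source {source!r}")


def login_from(cc: Binary) -> Binary:
    """Fritzr's scenario: rebuild the compiler from vetted source with `cc`,
    then build login with that 'trusted' result."""
    rebuilt_cc = compile_with(cc, COMPILER_SRC)
    return compile_with(rebuilt_cc, LOGIN_SRC)


def diverse_double_compile(suspect: Binary, trusted: Binary) -> bool:
    """DDC check: stage1 = trusted(cc.c), stage2 = stage1(cc.c).  A clean
    self-hosting compiler must reproduce itself exactly, so any difference
    between stage2 and the suspect binary means the binary carries behaviour
    that is not in its source."""
    stage1 = compile_with(trusted, COMPILER_SRC)
    stage2 = compile_with(stage1, COMPILER_SRC)
    return stage2 == suspect


# Constructed scenario: the vendor binary is trojaned, the source looks clean;
# the independent compiler is a second toolchain with no shared ancestry.
VENDOR_CC = Binary("cc", trojaned_cc=True)
INDEPENDENT_CC = Binary("cc", trojaned_cc=False)
```

The check is only as good as the independence of the second compiler: `diverse_double_compile(VENDOR_CC, VENDOR_CC)` passes, which is exactly the "how do you know your answer is correct?" problem, so in practice the trusted compiler must be one the attacker could not have touched.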


Copyright 2014 DailyTech LLC.