backtop


Print 94 comment(s) - last by Piiman.. on Dec 29 at 1:55 PM

There's also nary a mention about Microsoft's pro-security switch to a walled garden model

Online newspaper Inc. has published a pretty interesting account ripping into Windows RT, which it calls "Doomed".  The author, Geoffrey James, has a big warning to business -- "inherently unstable and insecure."

The author lauds Apple, Inc.'s (AAPL) iPad as the new paradigm of glorious computing and security, while lashing Microsoft, writing:

I used to work in an operating system development group. One thing I learned back then is that any OS that allows applications to modify the OS will be inherently unstable and insecure.

Since Windows is designed to allow that to happen, both computer viruses and the gradual "rot" of the software installed on a Windows system are both inevitable. There is no way to fix the problem because it's inherent in Windows's design.
...
I'm a case in point. While I'm still using a Windows machine for most of my writing, I'm serious thinking of "taking the leap" to only using my iPad simply to avoid the support headaches that are inevitable with Windows.

In short, the Surface is doomed because the entire concept behind it is flawed. Even plain Windows is getting so old and creaky that it's getting to be more a bother than its worth.

But the columnist misses (or at least never mentions) that the device he targets in the byline (Surface) is currently only being sold with Microsoft Corp.'s (MSFT) Windows RT (Surface Pro -- the x86 version -- isn't expected until next month).  And not a single piece of traditional Windows malware can run on Windows RT without recompilation, as it runs on a fundamentally different architecture/instruction set (ARM) versus past versions of Windows (x86).


Surface RT can't run traditional x86 malware.
 
In other words, the columnist's negative experience of getting his laptop penetrated by a "root kit" is drastically less likely to occur in Windows RT, particularly while it enjoys such a peachy (from a security perspective) low market share, compared to traditional Windows.

Another thing the columnist seems to miss is that both Windows 8 and Windows RT Microsoft offer perhaps the biggest pro-security (but anti-openness) shift that has helped protect the iPad -- the switch to primarily using a "walled garden" model of software distribution.  In Windows 8 you primarily buy apps through Windows Store.  Microsoft verifies each of these apps and can yank any app at any time if it is later discovered to pose some sort of security risk.

Windows Store
Microsoft now uses a similar pro-security "walled garden" model as Apple, pushing certified-safe apps from the Windows Store. [Image Source: ZDNet]

Granted, Microsoft does practice a laissez-faire policy regarding Windows 7 legacy software (which won't run on Windows RT, but will generally run on Windows 8) and plug-in based distribution models, such as the Java-based Valve client.  In this regard it differs from Apple who strictly prohibits such freedoms. But increasingly from here on out users will be getting their apps from a single secure source -- Microsoft.

Additionally, the apps in Windows 8 are nicely sandboxed.  They simply are not allowed to "modify the OS" as the author suggest.  Windows 8 and Windows RT have robust protection against traditional attack vectors like memory injection, protections that rival those in the OS X tree.

Some criticisms of Windows 8 have been more level-handed pointing out perfectly valid opinions that many share about places the ambitious user interface redesign may have gone too far.  But some criticisms -- such as the argument to buy an iPad instead of a Surface RT because Windows is "unstable and insecure" -- are simply bizarre to the point where they almost appear to be a comedic caricature of misconceptions surrounding the Windows platform.

Source: Inc.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

We will see...
By Visual on 12/5/2012 5:45:12 AM , Rating: 2
I kinda doubt Windows RT's malware immunity. Nothing is impossible, as they say. So viruses and malware will soon appear for it as well.

Windows RT still has regedit.exe and can "run" reg files; it has cmd.exe and can run bat/cmd files; it has Windows Scripting Host and can run js/vbs files; it has PowerShell and can run ps1 files (not associated by default, but can be started through a cmd/bat file, or the association can be made in the registry). All of these have some potential for malicious use.

Sure, there probably are the usual security restrictions to each of those, so they can not compromise much more than the current user's environment... unless the user cluelessly clicks Yes on a UAC prompt. And we know users never do that kind of things, ever. Right?

Sure, MS can tighten things up even more, and prevent even those tools from working, and make hackers' job somewhat harder. But will it ever be bulletproof when the user is retarded?

Personally, I sort of expect, or at least strongly hope that Microsoft actually goes the opposite direction... I want them to allow me to make desktop mode "apps" for Surface - both as compiled binary executables and as HTA, WSH/JS or PowerShell scripts. I won't buy into that thing while it remains as hostile to developers and homebrew enthusiasts as it currently is.

As to security, it should count more on a functioning brain and common sense and less on walling things up.




"Folks that want porn can buy an Android phone." -- Steve Jobs














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki