Full Disclosure mailing list archives
Re: Anti-MS drivel
From: Tobias Weisserth <tobias () weisserth de>
Date: Thu, 22 Jan 2004 01:28:51 +0100
Hi yossarian, Am Do, den 22.01.2004 schrieb yossarian um 00:05:
Have you noticed that you can put diesel in a normal car, cause the muzzle at the gas station is too thick?
When you open the lid it says on the inside which type of fuel you need. When a user buys a computer he knows if he bought a PPC or a x86 the same way they know they bought a Diesel instead of an Otto fuel engine. Your fuel analogy may work for cases where consumers have bought Mac software by accident though they have a PC ;-)
Ask the local garage how often it happens the other way around.
I don't know how this works in the US but in Europe gas stations and fuel inlets are only compatible if you use the right fuel. I couldn't refuel my car with Diesel even if I wanted to.
Who is to blaim - where are talking product liability here, while most of us are not trained in legal matters - hence the example.
There is the difference between a consumer taking action to damage the product in contrast to the consumer NOT taking action to REPAIR a product the vendor shipped broken.
And remember - people are required to have formal training to drive a car....
Do you want to establish the same situation for PCs? Vendors will not be happy since this limits their market.
With the laters updates for Outlook, most attachments are blocked by default, and guess what: question No.1 to the helpdesk: how do I turn this feature off?
See? That's what I actually predicted. If a risky feature is turned off by default then users who want it enabled have to educate themselves, using the help-desk at the company or local product documentation in the case of the home end user. If a single user is willing to take the risk - fine. Let him. But millions of other users will be happy the way it is and stupid spreading mechanism like "running an attachment" will not be spreading Win32/Bagle-A in the future.
When I drove home after reading this thread, I tried to open the hood while driving - guess what? It does.
It's mechanical, right? No electronic stuff between the lever you pull and the hood, right? As You must know, such "driving"-"computing" analogies are useless and pointless since people need a license to drive while a PC is an ordinary consumer product we expect our kids can operate.
So things can go wrong when I just push buttons randomly. But only irresponsible and stupid people will do that!
But people are this way. There's no point in trying to change them. Even when you succeed in doing so, new and maybe even worse stupidity regrows. When you have a solid product that is near fool-prove it doesn't matter if Murphy sends waves after waves of stupid users against you.
Yep, cause if the wind catches the hood it wil fold over the windscreen. Let's sue GM!
Let's say the lever to open the hood is placed in a way the driver or the co-driver could operate it with ease and without shifting position in the seat then this would indeed be a reason to sue the manufacturer. Imagine a curios minor is sitting on the co-driver's seat and plays around at the radio and pulls the lever next to it. The lever in my car is placed UNDER the driver's seat so that people don't get the idea of pulling it. Attachments are usually displayed along with the message and can be opened without "shifting position while driving".
My car won't even complain when driving in the dark without the lights on. Technically a piece of cake to fix - my former car put them on automatically - and the whipers when it rained, too. But the new one doesn't - my point is that even in car manufacturing with a 100 years experience, certain security features are lacking in new cars. Remember the Pinto?
[OT] Sorry, doesn't ring a bell. I'm not really into the American car market, sorry. I drive a car you can't buy in the States and there are even more cars in the States that are not for sale in Europe. It's amazing how a landscape can differ by just looking at the different types of cars, don't you think? :-) [/OT]
Now the e-mail attachment. E-mail is the killer app, most used PC feature, so this is where stupid people are bound to do wrong. If you block opening attachments they'll save it to their desktop and either call the helpdesk since they can't seem to find the file and start yelling about it, or open it from the desktop.
This is already enough. Most users won't even bother when they can't open an executable attachment they didn't expect. They'll dismiss it and go on. Even if some individual users pursue their quest of curiosity and want to start the damn thing then they still form a minority. This improves things. Imagine only 3 out of 10 users who want to start an anonymous email attachment, care to find out how to sail around inbuilt security. The 7 other users give up, don't care or continue in their work flow. Then only 3 out of 10 PCs get infected where we normally had 10 infected PCs that would have tried to infect more and consumed valuable bandwidth on the net. Anti-Virus software vendors would gain more time since the virus spreads slower and companies would have more time to react. Mission accomplished.
Believe me, i've seen this happen. What do we do next - prevent users from starting executables alltogether?
If people wouldn't run as administrators in XP Home then the execution of malicious code would only be half as bad as it is. When a normal user in Unix/Windows/Mac OS X runs a malicious program then the worst that can happen is that his home directory gets busted. Only if this program can exploit a local vulnerability then the system gets compromised. Windows XP Home users bust their whole system when they make a single mistake. This is a rather high stake considering the fact that XP Home is aimed at the end consumer who is bound to make mistakes, don't you think? [Please don't start an OS war on this. It is a matter of principle, not OS. Windows 2000 can be used in almost the same way users and groups are handled in other OSs. It's the "why not this way by default in XP Home" that is important.]
Make a .Pol file so the only executable they can run is winword.exe and outlook.exe?
No, mount user partitions [those where they can save files] with the noexec option. :-) You see, there ARE already some VERY good and solid concepts to handle these principal questions. Vendors only need to implement and include them by default. This is more important than educating users. Instead I get the impression that most vendors are just saying: "Bring 'em on."
Theoretically sound, but with the reality in many shops that they give local admin to users since the customer is allways right,
You haven't understood this a bit. You are not doing the customer a favour when you let him be administrator by default. When end user applications need admin rights to run under Windows then this is serious design flaw that needs to be changed before demanding changes in users behaviour. If you give a user admin accounts by default and he fails to handle them in a responsible way then you are wrong, it is your fault. And yes: because the customer is always right. You should have known in the first place that no good can come from "admin by default" because you must know your typical customer.
or some other lame excuse, it won't work.
Trust me. It already DID work.
People just clicking everywhere should not be using *any* operating system, or any other complex device for that matter, like a car. Why blame a device for complexity some people can't handle? ANY device?
Who do you want to sell PCs? Only companies with IT infrastructures? Only administrators? Computer Science students? Or the average guy on the street, the six year old, the granny? This is an economic question. Not a technical one. If you want to sell a product then it has to be aimed at a specific group of consumers. If they can't handle your design, then they'll eventually switch as soon as there is competition available that is doing better. We are about to get into this situation within this year and the next few years.
The faulty nature does not deter many people from using it, so the flaws cannot be too serious.A problem is only a problem in the eye of the end consumer if "rien ne va plus". Only when a PC won't start up again, the end user knows "Uh-Oh...". In the meantime this same virus and worm ridden system has caused major traffic jam on email servers and made the day on the Internet a hell.Routers choke, servers gasp, let's blame MS, is that it?
Yes. Let's blame MS for not closing down unnecessary services on consumer boxes by default. Finally you understood me. But my "blame" isn't simple bashing. I expect MS to do better. If enough people raise their voice then MAYBE the next releases of Windows will improve things by not offering admin accounts by default for consumer versions or having all sorts of outside connections open by default.
Let's imagine a worm that propagates using something like older OpenSSH, open FTP directories accepting anon, and samba shares - use buffer overflows in sendmail and apache for effective rights - and CORBA to root. It contains a mechanism for detecting the network lay-out, along the lines of p0f, and a tunneling mechanism for additional payload over a P2P like network, with a TLS communication. And it would trigger at certain intervals ARP flooding to all systems with DNS and BootPS. At the end of the year it would tell intel processors it is a 286. To make the fun bigger it would find the installed certificates on the machine and use it to sign the trojans it installs. Would networks crumble?
That depends upon the quantity of infected machines trying to reproduce and spread the worm.
Servers and routers need special care, for cases such as this one.
Yes. And end user, consumer versions of operating systems ["advanced game loaders" as I've read here :-)] don't need unnecessary services and root access for default users.
Complaining about either stupid users or Outlook is not going to change anything - fix your infra. And chop-bloody-chop with it!
That may be right for you and me but not the average end consumer who doesn't want to "fix" anything and who doesn't have an "infra". He simply wants to use it. They expect their PC to work in the same way a TV set works. You switch it on and switch it off. That's the kind of "button pressing" they want to do. Not fixing stuff. It is our task to make this possible.
If you are to build a virus, go for the greater numbers.
No. Go for the weakest target. If I know 90% of all possible targets have an exploitable service running by default, then this is the weakest target.
Worms even more so.
Yes, that's true. And use vulnerabilities you can count every target computer has: like an open RPC port on 99% of end user PCs.
So this is what it all boils down to - the risk of the monopoly.
I don't worry about the monopoly. It's already seen its best days. Market powers are already in motion and by the end of this year the desktop market will show the first signs of changes.
And yes this puts a huge responsibility on MS. Maybe we can blame them, but any monopoly on the desktop brings this risk.
You are absolutely right. That's why my criticism isn't limited to MS or any other vendor. I can criticise any other vendor without blushing. Trust me.
Since standardisation in OS and applications is corporate policy everywhere, and globalization is real, there will allways be a monopoly on the desktop with all its inherent risks.
This is where you will be proven wrong. With all the urge to standardisation, how do you explain the rising number of successful Linux vendors haven't found a way to standardise methods of packet management, a common Window-Manager and common widget sets and so on? Competition and innovation are very inter-dependant. Even more so in globalisation.
Maybe not MS's but then some other. And guess what? The next one will be worm and virusridden too That is the reality of being a sysadmin in the 21st century. If you can't take the heat, stop whining, this is a kitchen you know.
If you fail to see how a few very simple measures by the vendor you and I have to apply anyway can improve the situation then I feel sorry for you. You may be able to fix the problems in your organisation but the real problem are those millions of unsupported end users connected to the Internet, having their Windows XP Home wide open for anything as soon as they forget to "sysadmin" it because they have a private life and a family at home. cheers, Tobias _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Anti-MS drivel, (continued)
- Re: Anti-MS drivel Cael Abal (Jan 22)
- Re: Anti-MS drivel Gregh (Jan 23)
- Re: Anti-MS drivel Erich Buri (Jan 20)
- Re: Anti-MS drivel yossarian (Jan 20)
- RE: Anti-MS drivel Mike Marshall (Jan 20)
- Re: Anti-MS drivel Jeremiah Cornelius (Jan 20)
- Re: Anti-MS drivel Tobias Weisserth (Jan 21)
- Re: Anti-MS drivel yossarian (Jan 21)
- Re: Anti-MS drivel Tobias Weisserth (Jan 21)
- Re: Anti-MS drivel yossarian (Jan 21)
- Re: Anti-MS drivel Tobias Weisserth (Jan 21)
- Re: Anti-MS drivel yossarian (Jan 21)
- Message not available
- Re: Anti-MS drivel yossarian (Jan 21)
- Re: Anti-MS drivel Bart . Lansing (Jan 23)
- Message not available
- Re: Anti-MS drivel Nick FitzGerald (Jan 24)
- Re: Anti-MS drivel Bart . Lansing (Jan 26)
- Message not available
- Re: Anti-MS drivel yossarian (Jan 22)
- Re: Anti-MS drivel Gregh (Jan 21)
- Re: Anti-MS drivel Tobias Weisserth (Jan 22)
- Re: Anti-MS drivel Valdis . Kletnieks (Jan 20)