Full Disclosure mailing list archives
RE: RE: M$ - so what should they do?
From: "joe" <mvp () joeware net>
Date: Tue, 22 Jun 2004 15:42:31 -0400
Oy, best laid plans of mice and men... Tried to take this offlist but you can't hold back such a knowledgeable and well experienced Windows person (465 machines... I had no idea... my pardon to your exceptional skills) from trying to make a point to their peers... ActiveX/OLE/COM is, again, not core Windows. They are applications that run on Windows. The default user interfaces on the system use these for management of the system and they are heavily embedded in several user faced applications such as IE so that you may think they are core Windows but they are not. One of the best responses on this list in the last couple of days was from Ondra, go look for it. Core components are things like file system, memory system, subsystem model, service system, process system, audit system (which is a subset of the permission system), permission model/system/structures, authentication/authorization systems, IPC/LPC/RPC, etc. The fun thing is that many of those can be picked up and replaced if you want to and know how to. You want to complain about things in the native system that should be fixed, complain about creator/owner in the ACL model and how bad that is. Complain about localsystem and how dangerous that is. Complain about how you can send NULL in as security descriptor for any securable object. Complain about the ability to capture the password hashes and brute force attack them. Complain about how you can go in and wipe a password hash. Complain about the seeming complexity of the ACE/ACL/SACL/DACL system especially in terms of inherited and explicit ACEs and how dangerous that is in the general world of computers with the base level knowledge most people have. Complain about the ability to coerce ACLs into into doing non-intuitive things based on how you order the ACL. Complain about how you can actually set Everyone NO Access on anything yet use C/O to get back out of it. Complain about some of the serious shortcomings in the security boundaries in Active Directory which is the core authentication/authorization structure. There are several things to complain about that are core Windows, only the really vocal guys don't seem to know about them. There are some very intelligent people on this list who have good understanding of things that are really wrong with Windows and the *nixs. Many of the people posting "on the side" of OSS though seem to be prattling bigots who simply want to be heard and seem like they are incredible wits. Well they are maybe half-right. I would expect that many others who are "on the side" of OSS would wish these people would just go dig a hole and fill it back in after they have jumped in. If you don't want to do that, you would be better served simply extolling the benefits of your OS of choice without trying to show it is better by how it beats something else because in many cases you really don't know what you are talking about and could simply be highlighting your lack of knowledge in what you are speaking of. As I said before, you can talk about how great X is with X being whatever it is you want it to be without having to say because Y sucks. Saying Y sucks proves nothing about X. Now back to the topic of security. I still haven't seen a post that actually points out why from a security standpoint, Windows needs a base level redesign. I have seen lots of arguments however poorly expressed that there are many portions of the user space that are less than steller with IE being the poster child here. Even the points I make above don't require complete redsigns, just dedicated work. Especially if the goal is as it normally is, to not break as many people as possible. This is a serious concern with MS because if they piss off all of their customers, there aren't many other people to come use their stuff. Quite unlike any other OS which could lose all of their users and get a completely fresh batch of users of exactly the same size and never miss the previous users. I keep getting emails about how I am an MS Lackey and don't know what I am talking about. The latter could possibly be true but my paychecks are fine so I am happy with that. The former is definitely not true and I have pissed off many inside of MS probably far more than a vast majority of the people reading this. People who sit there and whine and complain and say things like M$ and complete rewrite or MS is just criminals, etc don't really get listened to to even get to a point to piss anyone off at MS. They are simply rightfully written off as dumdums. If you actually want to make a difference formulate intelligent responses and listings of issues and possible solutions to at least show you have a concept of what you are talking about. Note again, saying look at X because they do it correctly isn't very good either. I do actually run and sometimes suggest BSD/Linux. I have said this multiple times. Of course we have some extremely intelligent folks here on the list who went looking for my secret resume and found no listed *nix experience so rightfully assume that I have none because no one ever manipulates their resume in the way they want to present themselves... Finally and once more. These are tools. There should be no sides here. This isn't a religion. It seems many IT people have given up deity religions but seem to need to believe in something in an insane fanatical way so they pick an OS. That is still a little on the kookoo side in my opinion. These are tools treat them as such. If you feel yourself getting all upset because of something someone says about an OS or a program, you probably need to take five. joe -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Edge, Ronald D Sent: Tuesday, June 22, 2004 1:58 PM To: full-disclosure () lists netsys com Cc: joe Subject: [Full-disclosure] RE: M$ - so what should they do?
-----Original Message----- From: joe [mailto:mvp () joeware net] Sent: Tuesday, June 22, 2004 11:08 AM To: Edge, Ronald D Subject: RE: [Full-disclosure] RE: M$ - so what should they do? Almost everything you said here is user interface, not core Windows and why it needs a redesign. The remaining is either wrong or (mis)configurations. This illustrates exactly my point. I fully concur that much of the user interface needs work, I tell this to every MS developer I run into and many of them agree as well. They are working on it....
You're just jerking chains here, right? Did you read what I wrote? Where in the world in what I wrote can you point to something that specifies the user interface as the problem? That is simply not true. The inability to distinguish between being logged on as root vs. non-privileged user, and the latter still in their sandbox be able to function, install their programs, do their work, yet simply not have any chance to accidentally attack and destroy the operating systems, is inherent in the Windows design as it is, and is truly at the root of current evil. This has zippity doo dah to do with the user interface. ActiveX controls are program objects. They were introduced so sites on the Internet could run programs on local computers. This is the root of much evil. There are few who argue this now. Many of them provide the ability to create user interface object superior to simple HTML, but the evil they do and can do and have done goes far, far beyond that. I should have added a final point, and that is the Misgeburt, as the Germans would call it, the registry. What a single failure point, designed to be more a study in obfuscation than an exercise in good database and system design. Even Microsoft is retreating from the registry, according to what I have heard at the last two database development conferences I have attended. The registry, to be frank, sucks. It just offers crackers fruitful paths of attack, the favorite of course being loading something in the start key so when the computer boots next time is it is toast, since the users is 95% sure to be running with full admin privileges, and the program will be able to do anything it wants. And it is so easily broken by poorly written install and uninstall programs that I would laugh, if it were funny, but it is not. I could go into the rise and fall of com objects and ole, too, but like most Microsoft stuff, it rises, some fools develop using it, and 18 months later MS changes its mind, and presto, instant obselescene in programming. Not exactly a good investment if you are still paying attention to ROI. Note that I see this as a Windows user, using development and database software on Windows, and managing 465 + machines all but about two dozen of which are windows XP or or 2000 or 2003 servers, and a remaining handful of 2000 machines. None of the usability features can override the intrinsic flaws in security design that have resulted in at this moment literally millions of Windows machines compromised world wide, and ongoing daily nightmares in just keeping things glued together so they work at least the majority of the time. Ron. Ronald D. Edge Director of Information Systems Indiana University Intercollegiate Athletics edge () indiana edu (812)855-9010 http://iuhoosiers.com "Patriotism is not short, frenzied outbursts of emotion, but the tranquil and steady dedication of a lifetime." - Adlai Stevenson _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: M$ - so what should they do?, (continued)
- Re: M$ - so what should they do? Duncan Hill (Jun 22)
- Re: M$ - so what should they do? Mohit Muthanna (Jun 22)
- Re: M$ - so what should they do? Ciro Spider-Man (Jun 24)
- RE: M$ - so what should they do? Stuart Fox (DSL AK) (Jun 21)
- RE: M$ - so what should they do? Stuart Fox (DSL AK) (Jun 21)
- RE: M$ - so what should they do? Eric Paynter (Jun 21)
- Re: M$ - so what should they do? tcleary2 (Jun 21)
- Re: M$ - so what should they do? Eric Paynter (Jun 21)
- RE: M$ - so what should they do? Edge, Ronald D (Jun 22)
- RE: M$ - so what should they do? Edge, Ronald D (Jun 22)
- RE: RE: M$ - so what should they do? joe (Jun 22)
- RE: RE: M$ - so what should they do? ktabic (Jun 22)
- Re: RE: M$ - so what should they do? scosol () scosol org (Jun 22)
- RE: RE: M$ - so what should they do? Jonathan Rickman (Jun 22)
- RE: RE: M$ - so what should they do? Frank Knobbe (Jun 22)
- Re: RE: M$ - so what should they do? Georgi Guninski (Jun 23)
- RE: RE: M$ - so what should they do? joe (Jun 23)
- RE: RE: M$ - so what should they do? joe (Jun 22)
- RE: RE: M$ - so what should they do? joe (Jun 23)