Question regarding an article from Microsoft Hellas's CEO

Joao Ribeiro da Silva jrs at developcomponents.com
Sat Feb 7 09:42:20 UTC 2004


----- Original Message ----- 
From: "Frank Heckenbach" <frank at g-n-u.de>
To: <jrs at developcomponents.com>; <discussion at fsfeurope.org>
Sent: Thursday, February 05, 2004 9:49 PM
Subject: Re: Question regarding an article from Microsoft Hellas's CEO


> Joao Ribeiro da Silva wrote:
>
> > The main problem with security on windows and other operating
> > system is in their base.
> > Unix like OSs are closed systems by default while Microsoft
> > Windows is a open system by default.
>
> (How good that we don't talk about "open source" software, otherwise
> this last sentence would really look strange ...)

Yes, no doubt about it (when I wrote it I didn't notice, but you made me
laugh).

>
> > On Unix like OSs in order for a user to run anything you need
> > first to give him necessary permissions to do so. Otherwise
> > not even a byte the user can read from whereever.
> > On Windows you can do what so ever and then you starting
> > removing power to a user (closing the system to that user).
>
> But that's exactly one root of the problems. The latter model might
> be fine for a single-user standalone system (DOS and earlier Windows
> versions), but transferring it to a networked and/or multi-user
> system was a cardinal mistake. In principle it was clear from the
> beginning that this couldn't work (so they had plenty of time to
> rewrite it from scratch if they cared), now we're seeing the
> effects.

I think this case is directly related to Microsoft's views on network
and TCP/IP services in 1996, when network and TCP/IP services were not
seriously taken into account by Microsoft. TCP/IP services like HTTP, mail
and so on were very weak on Microsoft Windows NT 3.5. Once Microsoft started
to realise the power of those services and the importance of the internet
worldwide, it was already too late to make those critical changes in their
system. Although still possible, as you say. Meanwhile they didn't change the
system in the right direction. Instead they implemented several services with
many disregards for network and TCP/IP protocol standards. A big mistake from
Microsoft, at least in my opinion.

>
> Another basic problem which you didn't mention is the tendency to
> blur the distinction between executable code and data. AFAIK this
> tendency has even increased in Windows in the last years (MS-Word
> macro viruses, various "active" components all over the place and
> many more things, even the mangling of file name suffixes, so
> viruses could use double suffixes to "disguise" which is so
> ridiculous, etc.). For the average Windows user it's quite hard to
> tell whether they're viewing some data (image, text, ...) which is
> harmless unless it can exploit a bug in the viewer program, or
> executing some code which is always dangerous if it comes from
> unknown sources.
>

Again you are right. In my opinion Microsoft never understood the
philosophy of 'keep it simple'; instead they have made it so complex from
the system point of view that sometimes I even wonder if they are able to
fully understand their operating system's behaviour. I doubt that someone at
Microsoft at this point has a full view over all their operating system's
strengths and weaknesses. Without the full picture on this area, it is at
least very difficult to protect the system against trojans, viruses and other
possible malicious attacks on their system. Instead of correcting problems
from their root they patch the system to avoid a single type of attack when
they come across a problem. Are Microsoft OSs a big set of patches that
run over a badly crafted kernel, or something else?

> I suppose they're doing it for the sake of "comfort" -- and for the
> most part I don't even see that point. Most users don't regularly
> receive executable programs by email or execute them from random web
> sites. I suppose even the average Windows user is aware of the
> difference between installing a program (intentionally) and viewing
> a picture. And if web sites weren't so overloaded with various
> scripting garbage, this might even benefit users, when web authors
> would have to learn to write proper HTML for a start (e.g., not
> using JavaScript for things that simple HTML forms can do just as
> well, which can be very annoying). But I'm digressing ...
>
> But even if there was some "comfort" to it, it now clearly shows
> that the security implications are unmanageable. So if they care for
> security at all, they have to realize it was a wrong decision and
> undo it until it's too late (well, until it's even more too late
> than it already is ...). But as long as "opening" an email or web
> site can mean executing arbitrary code it contains, there's not a
> chance of hope for security.
>

I don't believe in that argument, because if Microsoft had started from the
beginning in the right direction like many Unix-like systems (e.g. Linux,
FreeBSD, etc.), people would have got used to using their applications and
operating system in the same way and as easily as they use Windows today.
People get used to what their OS requires and that's it. The need makes the
monk.

> BTW, this might apply just as well to Unix applications. I don't
> usually use this kind of programs, so I don't know how far the usual
> suspects have gone already (whether also for a strange sense of
> comfort, or just to imitate the Windows "experience"). I'd just say,
> beware ...
>
> > Try to map a network drive or even access to your CD-ROM it
> > will tell you that only the system administrator can do that
> > and because on Unix nobody works as system administrator then
> > the system core never has a virus. In the worst case scenario
> > only the files created by the user can be deleted or damaged
> > not the files from other users so even if we had virus on
> > Unix the impact over the system would be very small (to the
> > user level only).
>
> I've heard this argument, but I don't think it's a very strong
> point. On most machines the user data are more valuable than the
> system files. A system can easily be reinstalled, but user data may
> take a lot of time to recreate, or even cause financial loss. (Oh
> yeah, backups. Sure. Most people don't do them unless they've been
> *seriously* hit once or twice. I know professional programmers who
> don't do good backups ...)
>

In this case, I think you are right in one way and wrong in another. Why?
Simple. When the programmer of a malicious trojan, virus or any other type
of action makes his decision on attacking another computer or computers, he
wants to destroy as much data as possible. He will not like the idea of the
possibility of damaging the data of a single user; no, he wants more, a lot
more. In this philosophy it's easy to understand why most of the viruses and
trojans are designed for Windows, where the possibility of impact and the
prospect of destruction is a lot higher (and simple to program).
I remember when the virus 'I Love You' struck. I was working for Interland,
the hosting company, in their offices in Amsterdam (when they had offices
here). After our mail started to be infected by the virus, it took me an hour
to open the code of the virus, change it, and, using the same technology the
virus used to spread, spread my own virus that was a vaccine for it. The only
thing I did was reverting all the malicious code inside the virus; it was very
effective, after around 2 hours there was no trace of the virus 'I Love You'
inside the company.

> It's true that a virus can hide in system programs and covertly
> spread more damage over time, but on Unix systems, they can do
> almost the same by manipulating the user's aliases, PATH, etc.
>

Yes, of course, but with the variety of system configurations on Unix-based
systems, and others that are customized by the system administrators of each
different company, it can be a hard task to program something that will be
really efficient.

> Both points are especially true of single-user machines, but that's
> what most potential victims are.
>
> > On Unix, as soon a user logs out from the system all
> > applications running with that user permissions are forcelly
> > terminated by the OS itself.
>
> Not at all.
>

OK, let's say for the majority of applications this is true; only people
that manipulate computers very well, like programmers and system
administrators, end up leaving tasks running when logged out. What we are
talking about here are the normal users, and not those that will hardly
ever be effectively attacked. Don't forget that the majority of normal
users run simple client applications under X Windows and when they log out
they close the applications or X closes them for them. This is the
standard procedure. If we start talking about what isn't standard in this
world then the possibilities are infinite, giving space for whatever our
imagination can come up with.

> Frank
>
> -- 
> Frank Heckenbach, frank at g-n-u.de
> http://fjf.gnu.de/
> GnuPG and PGP keys: http://fjf.gnu.de/plan (7977168E)

Joao
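Frank's point above that a virus running as an ordinary Unix user can persist by manipulating the user's aliases and PATH suggests a simple defensive check: audit the shell startup files for aliases that override security-relevant commands and for user-writable directories placed ahead of the system directories in PATH. The script below is an added example written for this page; it is not code from the thread or from any project discussed in it. The sample `.bashrc` content is constructed, and the lists of "sensitive" commands and "user-writable" path prefixes are heuristic assumptions rather than a real ownership check.

```python
import re
from typing import Dict, List

# Constructed sample of a user's ~/.bashrc for this example (not a real file).
SAMPLE_BASHRC = """
# user customisations
export PATH=$HOME/bin:/usr/local/bin:/usr/bin:/bin
alias ll='ls -l'
alias sudo='/home/alice/.cache/.s/sudo'
alias ssh='ssh -o StrictHostKeyChecking=no'
export PATH=.:$PATH
"""

# Commands whose redefinition through an alias deserves a second look
# (assumed list; extend to taste).
SENSITIVE_COMMANDS = {"sudo", "su", "ssh", "passwd", "gpg", "ls", "cd"}

# Directories a normal user can write to (heuristic by prefix, not a stat()).
USER_WRITABLE_PREFIXES = ("$HOME", "~", "/home/", "/tmp", ".")

# Directories that normally hold the trusted system binaries (assumed).
SYSTEM_DIRS = {"/usr/local/bin", "/usr/bin", "/bin", "/usr/sbin", "/sbin"}

ALIAS_RE = re.compile(r"^\s*alias\s+([A-Za-z0-9_\-]+)=(['\"]?)(.*?)\2\s*$")
PATH_RE = re.compile(r"^\s*(?:export\s+)?PATH=(.+?)\s*$")


def is_user_writable(entry: str) -> bool:
    """Heuristic: an empty entry means the current directory, which is
    user-writable; otherwise match against the assumed prefixes."""
    return entry == "" or entry.startswith(USER_WRITABLE_PREFIXES)


def check_alias(name: str, body: str) -> List[str]:
    """Flag aliases of sensitive commands: a body whose first word is a
    different program is a redirect, otherwise the alias changes flags."""
    if name not in SENSITIVE_COMMANDS:
        return []
    words = body.split()
    first = words[0] if words else ""
    if first != name:
        return [f"alias {name!r} redirects to {first!r}"]
    return [f"alias {name!r} changes default flags: {body!r}"]


def check_path(value: str) -> List[str]:
    """Flag user-writable PATH entries that are searched before any
    system directory, since a binary dropped there shadows the real one."""
    findings = []
    seen_system = False
    for entry in value.split(":"):
        if entry in SYSTEM_DIRS:
            seen_system = True
        elif not seen_system and is_user_writable(entry):
            findings.append(
                f"PATH entry {entry!r} is searched before system directories")
    return findings


def audit_shell_rc(text: str) -> Dict[str, List[str]]:
    """Scan shell startup file content line by line and collect findings."""
    findings: Dict[str, List[str]] = {"alias": [], "path": []}
    for line in text.splitlines():
        m = ALIAS_RE.match(line)
        if m:
            findings["alias"].extend(check_alias(m.group(1), m.group(3)))
            continue
        m = PATH_RE.match(line)
        if m:
            findings["path"].extend(check_path(m.group(1)))
    return findings


if __name__ == "__main__":
    for kind, items in audit_shell_rc(SAMPLE_BASHRC).items():
        for item in items:
            print(f"[{kind}] {item}")
```

Run against the constructed sample, the audit reports the `sudo` alias pointing at a binary in a hidden cache directory, the `ssh` alias that silently disables host key checking, and the two PATH lines that put `$HOME/bin` and `.` ahead of the system directories. The same scan over a real user's `.bashrc`, `.profile` or `.zshrc` is a cheap way to notice the kind of per-user persistence Frank describes, which a system-file integrity check would miss entirely.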
