December 1997
An editorial from our webmaster:
Much software is built on the theory that if you make something hard to do then you have enhanced its security. Emperor Gates is fond of this theory: he offers systems that make life inconvenient, while at the same time his company neglects fundamental security issues in all its operating systems.
Security is an arrangement of situations where one makes it impossible for someone to do something that you don't want them to do. Some forms of security are self-security... they prevent you from doing something which might damage you. But much security is aimed at controlling other people.
So as a homeowner you don't want your house broken into and your goods stolen. So you try the cheap solution first; you put signs up in obvious places warning about your Rottweiler (which you never intend to buy). This is a low-cost security measure. Its cost is the ugly signs you have around, which destroy the beauty of your home. It's not a low-cost solution if you really buy the Rottweiler.
Next, you try to increase your security by doing a variety of more concrete things: You put bars on your windows and invest in a triple-locked solid steel front door. You invest in alarms that sound if someone moves inside the house. And so on.
Each component of the security arrangement has costs and offers some protections. However, without realistically thinking out what dangers lurk in the unknown, you can't really assess the success of the arrangements you have made, but you will most certainly feel the inconvenience you have created. Start with the triple locks on the door. Well, they will probably prevent a teenager from getting in that way, but they cost you unlocking three locks every time you come in. You say you don't come in that way, you come in through the automatic door opener in the attached garage... oh, and how hard is that for a burglar to fool?
Security must be looked at as a whole. You can put a lot of energy into defending against something in one place while leaving entry open some other place. This is why operating system security is so hard to achieve.
An operating system should provide some security for you. Most operating systems provide file protection, user authentication, and privileged modes of operation where only certain people can do system-level operations. Much of this is to prevent you from hurting yourself, by keeping the damage to no more than a few destroyed local files.
The second goal in operating system security is to keep the integrity of your information and to allow only authorized users to view or execute it. This is more ambitious, but the principles behind doing it are well understood. And Unix, Linux, and DEC and IBM mainframe operating systems all provide sufficient security for most users.
If an operating system provides file protection and user authentication, and it uses those functions to protect its own system files, then viruses are impossible. Thus there are no viruses on Unix, DEC and IBM mainframe computers. There may be other dangers, but at least there will be no programs which modify the system so that you wake up one morning and some hacker has taken over your operating system.
These problems were solved using standard techniques that evolved in the 1960s and 1970s, as computing grew dramatically and timesharing systems meant that many people shared the same machine, and therefore there was a need to control access to and modification of information.
Microsoft grew up in the next generation, the personal computer generation. The general wisdom of the young was that there was no need for security since no one was sharing the machine. Machines were small and isolated, and no one wanted the overhead of logging into their machine at home... too much inconvenience. This gave rise to the virus phenomenon. This was the permissive '70s.
Computers really are not that isolated. If I give you a floppy disk and tell you that there is a hot new game on it, you are perfectly happy to stick it in the floppy drive and away you go, and in goes the virus, because in Microsoft operating systems there is no protection.
This gave rise to a whole industry that fought the hackers (as the authors of viruses were known to the masses). This is still the case today.
The latest and greatest of Microsoft's operating systems, Windows NT 4.0, has finally introduced user authentication and a protected file system. However, people still sell virus protection systems for Win NT. Why? Because Microsoft leaves all system programs open for read and write by everyone. This means that you can still put a floppy disk in the drive and get bitten by a virus. Now this is not a matter of inconvenience; Microsoft has already introduced the inconvenience of logging in. The operating system just doesn't follow through with what it promised.
Is this an oversight or is it planned? It matters little. It does mean that protection is essentially non-existent until Microsoft gets its act together. In part it comes from the legacy of no protection. Often commercial products feel free to write to files anyplace they choose, even to overwrite themselves. If the protections available in Win NT are turned on, then these programs stop working. If Microsoft turned on the protection, then many users would be inconvenienced and would probably blame Microsoft rather than the commercial products. But the result is the same. Protection that is present in the Win NT operating system is useless unless it is used. And Microsoft doesn't even use it for its own system code.
If I try to protect my files against tampering and viewing, all a crook has to do is change the system to do the work for him. Say the crook replaces MS Word to drop a copy of everything I edit in a temporary directory. Maybe it will even wake up later, check to see if I'm connected to the internet and take the opportunity to upload my files to his machine, without my knowing it's happening. Or just to be vicious it will wake up on April 1st and wipe my disks clean.
There is no protection offered by the operating system until the operating system is protected itself. Microsoft has failed to do this in Win NT. They opted for the cheap security solution: post a sign that says "Beware Rottweiler", but they didn't go out and buy the dog. On top of that, to make you believe that security is present, they put three locks on the door and make it inconvenient for you to get in. They tend to brag about the "secure file system in NT". Any server Microsoft supplies has all these problems and can go bad at a virus's whim. Beware the Emperor who has no clothes, no matter how many fine people compliment him on his new suit.
BUZ
Webmaster, ServeNet
© 1997 Robert Uzgalis. All Rights Reserved.