A friend of mine suggested that I should include, as boilerplate in my security stories, a line like: "Of course, if you were running desktop Linux or using a Mac, you wouldn't have this problem." She's got a point. Windows is now, always has been, and always will be insecure. Here's why.
First, desktop Windows stands firmly on a foundation as a stand-alone PC operating system. It was never, ever meant to work in a networked world. So, security holes that existed back in the day of Windows for Workgroups, 1991, are still with us today in 2009 and Windows 7.
Most of these problems come down to the fact that Windows has IPCs (interprocess communications), procedures that move information from one program to another, that were never designed with security in mind. Windows and Windows applications rely on these procedures to get work done. Over the years they've included DLLs (dynamic link libraries), OCXs (Object Linking and Embedding (OLE) Control Extension), and ActiveX. No matter what they're called, they do the same kind of work and they do it without any regard to security.
Making matters worse is that they can be activated by user-level scripts, such as Word macros, or by programs simply viewing data, such as Outlook's view window. These IPCs can then run programs or make fundamental changes to Windows.
It also doesn't help any that Microsoft's data formats can be used to hold active programming code. Microsoft Office formats are commonly used to transmit malware. Microsoft's latest Office 2010 tries to deal with this by blocking all but read access to documents or 'sandboxing' them. Since you can't edit a sandboxed document, I'm sure that's going to go over really well. Of course, what will actually happen is that users won't use the sandbox utility, and they'll just spread malware instead.
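As an added illustration (not code from this article), here is a defender-side check that reports whether an Office file can carry active content before anyone opens it. The function names and sample packages are constructed for the example; it inspects the zip-based Office Open XML formats and only identifies the older binary formats by their header.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")   # legacy .doc/.xls/.ppt container
ACTIVE_DIRS = ("activex/", "embeddings/")         # ActiveX controls, embedded OLE objects

def classify_office_file(data: bytes) -> dict:
    """Report whether an Office file can carry active content."""
    report = {"format": "unknown", "macros": False, "active_parts": []}
    if data.startswith(OLE2_MAGIC):
        # Legacy binary format: macros sit in OLE streams that need a
        # compound-file parser to list, so the answer here is "not verified".
        report.update(format="ole2-legacy", macros=None)
        return report
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return report
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        if "[Content_Types].xml" not in names:
            return report                      # a zip, but not an Office package
        report["format"] = "ooxml"
        types = zf.read("[Content_Types].xml").decode("utf-8", "replace").lower()
        # The VBA part can be renamed, so check the declared content types too.
        if "vbaproject" in types or "macroenabled" in types:
            report["macros"] = True
        for name in names:
            lower = name.lower()
            if lower.endswith("vbaproject.bin"):
                report["macros"] = True
                report["active_parts"].append(name)
            elif any(d in lower for d in ACTIVE_DIRS):
                report["active_parts"].append(name)
    return report

def build_sample(parts: dict) -> bytes:
    """Build a constructed, in-memory package for the demonstration."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed samples, not real documents.
CLEAN = build_sample({"[Content_Types].xml": "<Types/>", "word/document.xml": "<doc/>"})
MACRO = build_sample({"[Content_Types].xml": "<Types/>", "word/document.xml": "<doc/>",
                      "word/vbaProject.bin": b"placeholder"})
LEGACY = OLE2_MAGIC + b"\x00" * 504

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN), ("macro", MACRO), ("legacy", LEGACY)):
        print(label, classify_office_file(blob))
```

A mail gateway or file-share scanner can use a result like this to quarantine or strip documents with `macros` set to `True` or `None` rather than relying on users to stay in the read-only view.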
This data format 'functionality' and easy 'application-to-file-to-application' IPC is in Windows because it makes it simple for Windows programs to share data. That's great in a stand-alone PC when you may want to have your PowerPoint chart automatically change to reflect the new information in an Excel spreadsheet. But, that same power is a permanent security hole in a PC that's hooked up to the Internet.
Besides that, Windows, again harking back to its single-user, stand-alone ancestry, all too often defaults to requiring the user to run as the all-powerful PC administrator. Microsoft has tried to rid Windows of this, with such attempts as UAC (user account control) in Vista. They've failed. Even in Windows 7, it's still easy to bypass all of UAC's security. Microsoft has claimed they fixed some of those bugs.
I moved from Windows to Ubuntu, because I just got tired of the virus & spyware scanning, disk defragging, cleaning up the crap files created in the filesystem, system slowdowns, ... Now I just use my computer. Imagine that!
I believe you'll find that IPC only works between processes at the same privilege level; as I understand it, you can't use such tools to communicate with ring-0 or elevate yourself from ring-3 to ring-0. However, if you are already running as an admin user then that safeguard doesn't apply. As for being required to run as an admin? Personally I blame game companies for writing games that require admin access.
Most home users will run as an admin because they want their games to work. I've never seen a Microsoft game or productivity app that required admin access (not counting utilities to configure the system); it's always been a 3rd party game or tool that required it. So that's not Microsoft's fault. If you want to blame anyone, blame the 3rd parties who can't code properly.
Then it's worse.
If what you say is true about IPC and ring 0 on windows, then it suggests that Windows security is even worse than what Steven alludes.