Saturday, April 08, 2006

Another look at Windows security - or the lack thereof

I posted about Windows security here earlier in the week. I'd found the collection of quotes on a Yahoo message board that ended with the advice of Mike Danseglio to "nuke" infected systems and then reload Windows. Now there's this commentary from no less than Robert X. Cringely:
Last week, a Microsoft data security guru suggested at a conference that corporate and government users would be wise to come up with automated processes to wipe clean hard drives and reinstall operating systems and applications periodically as a way to deal with malware infestations. What Microsoft is talking about is a utility from SysInternals, a company that makes simply awesome tools.

The crying shame of this whole story is that Microsoft has given up on Windows security. They have no internal expertise to solve this problem among their 60,000-plus employees, and they apparently have no interest in looking outside for help. I know any number of experts who could give Microsoft some very good guidance on what is needed to fix and secure Windows. There are very good developers Microsoft could call upon to help them. But no, their answer is to rebuild your system every few days and start over. Will Vista be any better?

I don't think so.
The killer to Microsoft's security efforts is the proliferation of stealthed root kits that virtualize the environment Windows runs in, literally hiding beneath the operating system. They're nearly impossible to detect, let alone remove. It's no wonder that Microsoft is now saying just to reformat and reinstall.

And the insecurity of Microsoft Windows goes hand-in-hand with the design of the PC. The PC was initially meant to be open, just like the Apple II the original PC was competing against. Over time the hardware has stayed open, and thus insecure. Any attempt to provide hardware lockdowns has resulted in accusations that the Big Corporations what to lock down Your Personal Computer for their nefarious (and profitable) ends. Everything from Intel's unique hardware ID on the Pentium III to Microsoft's Palladium to current TPM hardware chips. Until there is strong security support in the hardware (and I don't mean user vs. supervisor mode) there won't be strong security in the operating system. The only company that could pull it off would be Apple. I hope they do. That will drive even more people to the Mac platform, and put greater pressure on the rest of the hardware vendors to clean up their act. Apple has the greatest chance for succeeding because they design both hardware and software.

No comments:

Post a Comment

All comments are checked. Comment SPAM will be blocked and deleted.

Note: Only a member of this blog may post a comment.