[LINK] Schneier on Storm Worm

Kim Holburn kim.holburn at gmail.com
Sat Oct 6 20:29:18 AEST 2007 

Actually for this sort of thing we will probably have to move to a  
better model than linux/Unix eventually.  Has anyone had a look at  
bitfrost?  <http://wiki.laptop.org/go/Bitfrost>  It looks fascinating  
from a security point of view.  It is a complete redesign of security  
of computer systems.

> In 1971, AT&T programmers Ken Thompson and Dennis Ritchie released  
> the first version of UNIX. The operating system, which started in  
> 1969 as an unpaid project called UNICS, got a name change and some  
> official funding by Bell Labs when the programmers offered to add  
> text processing support. Many of the big design ideas behind UNIX  
> persist to this day: popular server operating systems like Linux,  
> FreeBSD, and a host of others all share much of the basic UNIX design.
>
> The 1971 version of UNIX supported the following security  
> permissions on user files:
>
>     * non-owner can change file (write)
>     * non-owner can read file
>     * owner can change file (write)
>     * owner can read file
>     * file can be executed
>     * file is set-uid
>
> These permissions should look familiar, because they are very close  
> to the same security permissions a user can set for her files  
> today, in her operating system of choice. What's deeply troubling —  
> almost unbelievable — about these permissions is that they've  
> remained virtually the only real control mechanism that a user has  
> over her personal documents today: a user can choose to protect her  
> files from other people on the system, but has no control  
> whatsoever over what her own programs are able to do with her files.
>
> In 1971, this might have been acceptable: it was 20 years before  
> the advent of the Web, and the threat model for most computer users  
> was entirely different than the one that applies today. But how,  
> then, is it a surprise that we can't stop viruses and malware now,  
> when our defenses have remained largely unchanged from thirty-five  
> years ago?

As for Microsoft: when are people going to start not accepting  
products that can't do the job?  A bit of pressure from consumers and  
even companies may start to change the scene but if you have 95% OS  
OEM bundling lockin most people never have anything to compare  
Windows to.

<http://www.cybersource.com.au/users/conz/ 
why_the_unbundling_windows_sceptics_are_wrong.html>
Non Apple Mail screwed-up URL:
<http://preview.tinyurl.com/2l6hwj>
> Why the Unbundling Windows Sceptics are Wrong

> Firstly, why should competition regulators even bother pursuing this?
>
> A few years ago, I ran through a couple of scenarios which showed  
> that the reduced competition in the PC platform software space cost  
> consumers over $10 billion per year. More recently, a court-case in  
> Europe showed an incredible 52% of the price of a new Acer laptop  
> was constituted by the forced-bundling of Microsoft and other  
> Windows platform software. It is also obvious that none of this  
> additional expense for software would be necessary if Acer shipped  
> Linux instead, because all the functionality delivered by the  
> bundled software is available on Linux, at no cost. When you find  
> that the price of Microsoft's software tax is more than the price  
> of the computer hardware, you know it's time to act.



On 2007/Oct/06, at 12:25 AM, Stilgherrian wrote:

> On 6/10/07 8:05 AM, "Howard Lowndes" <lannet at lannet.com.au> quotes  
> Schneier:
>> "Redesigning the Microsoft Windows operating system would work, but
>> that's ridiculous to even suggest."
>
> I was about to write "I don't actually think it's ridiculous. It's  
> just a
> matter of will. Apple re-wrote their operating system stack when  
> moving from
> MacOS 9.x to OS X and it all went quite smoothly, considering."
>
> But then I thought... Is that a reasonable comparison? Or is there  
> something
> fundamentally different about the way Windows and MacOS 9 are  
> constructed
> that makes them different classes of task?
>
> I agree that there might be factors that make the Windows re-write  
> harder.
> Perhaps there are more and messier low-level program hooks to deal  
> with. But
> is that something fundamentally different, or just more "stuff" of  
> the same
> kind? If the latter, then what's stopping them getting on with the  
> job?
>
> "It would cost a lot of money" shouldn't be an excuse. If I sell  
> 100,000
> cars and it's later found that my design isn't fit for the public  
> roads, I
> still have to fix them.
>
> Yes, there might be a big impact on the US economy, because  
> Microsoft is a
> major company. But diddums. Having to deal with these constant  
> problems
> ain't exactly cheap either.
>
> I'm sure once I have another coffee I'll see the fundamental flaw  
> in my
> reasoning. :)
>
> Stil
>
>
> -- 
> Stilgherrian http://stilgherrian.com/
> Internet, IT and Media Consulting, Sydney, Australia
> mobile +61 407 623 600
> fax +61 2 9516 5630
> ABN 25 231 641 421
>
>
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294  M: +39 3494957443
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the Link mailing list