[LINK] Schneier on Storm Worm

Craig Sanders cas at taz.net.au
Sat Oct 6 21:41:13 AEST 2007


On Sat, Oct 06, 2007 at 12:29:18PM +0200, Kim Holburn wrote:
>> [re: unix-style permissions]
>>
>> In 1971, this might have been acceptable: it was 20 years before the 
>> advent of the Web, and the threat model for most computer users was 
>> entirely different than the one that applies today. 

actually, real ACLs have been around for years on several unix
filesystems - including several on linux (at least ext2/3 and xfs that
i know of for sure, others as well. ext2 and ext3 are THE most commonly
used filesystems on linux - they are the default/de-facto standard)

btw, for those who don't know, a filesystem is the disk "format" used -
analogous to FAT or FAT32 or NTFS formats on windows.


for almost all day to day usage, though, unix permissions are good
enough, and very simple to use. the more flexible (and more complicated)
acls tend to be used only where absolutely needed. and even systems
that use them, tend only to use them for particular files, directories,
and/or applications....the bulk of the system using plain old unix
perms.

>> But how, then, is it a surprise that we can't stop viruses and
>> malware now, when our defenses have remained largely unchanged from
>> thirty-five years ago?

thirty-five years ago we didn't have hordes of ignorant and
disinterested people using computers.

and, just as significantly, 35 years ago nobody would have accepted an
operating system with as many flaws as windows - ok, security wasn't
the pressing issue then that it is now, but there were other issues and
nobody would have accepted an OS that didn't deal with THOSE issues
properly. in many ways windows is LESS secure than systems from years
ago - microsoft hasn't just failed to learn from history, it actively
ignores it and introduces "features" for THEIR own convenience without
regard to security or their users' needs.



> As for Microsoft: when are people going to start not accepting
> products that can't do the job?  A bit of pressure from consumers and
> even companies may start to change the scene but if you have 95% OS
> OEM bundling lockin most people never have anything to compare Windows
> to.

never.

even those who are vaguely aware that there are alternatives firmly
believe that windows was so difficult to learn that anything else will
be at least as hard so refuse to even bother - without realising that
a large part of the reason why windows is so difficult is due to the
fact that it is broken and brain-damaged by design. the hardest part of
switching would be unlearning the stupidity and brokenness of windows
rather than learning something better.


craig

-- 
craig sanders <cas at taz.net.au>

BOFH excuse #196: Me no internet, only janitor, me just wax floors.


