Thread: computer clocks
Mary Fisher


"Stefek Zaba" wrote in message
...
Mary Fisher wrote:


more confused than ever but that says more about me than about you

No - the fault is mine. Let me try a boil-down version.

Windows starts with the idea that all programs are benign. It expects
they're all acting in the interests of the single person who owns and
operates the PC. If anyone finds a way of sneaking some program or piece
of program onto the machine, that malicious software will have the right
to access and change any existing information anywhere on the PC, and do
anything a legitimate program could.

For example: it can search for files which have sixteen digits in a row in
them (maybe with spaces at every 4th position);


OK, I'm lost already. Look, I'm saving all these posts and promise I shall
read, mark and whatnot when I get back. At the moment my brain hurts just
trying to remember how many socks to take to Wales ...

Mary




it can then connect to some other machine Out There and send a copy of
that file, which contains a likely credit card number and maybe other
information which makes it easier to use that card number fraudulently. Or
it can launch a program which will accept an incoming connection from a
Bad source of control, which causes the PC to send spam or other nasty
traffic to other machines. And it can attach these bits of program to all
the existing programs - because it has the right to write to any file,
including the ones where programs are stored.

Unix starts with the other idea: that there's a restricted set of things
which "ordinary" users can do using "ordinary" programs, and only when
they explicitly say "I'm acting as the Administrator of this system right
now" - typically by logging in under a different username - can they write
to program files, scan the contents of all files, or add "always launch
this program when starting the system" entries.

It's not an absolute defence - the example of setting up a "listen for
commands from Out There" program isn't forbidden under most Unixes[1]. But
it is a fundamental difference in the way the two systems are designed and
run in practice. Later versions of Windows have the capability to be
better-defended, but typically aren't set up to take broad advantage of
those capabilities.

Future versions of Windows will further increase the amount of defence -
including using some new hardware features developed under the "Trusted
Computing" banner. Unfortunately for the industry at large, as a
consequence of MS's legally proven abuse of their dominant market
position, there's much suspicion of the motives behind their adoption of
this technology...

HTH - Stefek

[1]On my OpenBSD boxes, I run /home mounted with the "noexecute" option,
so "by default" when running as ordinary-mortal I can only execute
programs from partitions which I don't have write-access to, such as / and
/usr. But it's still not an absolute defence, merely another hurdle for a
determined attacker to overcome. As with physical security, the (unmutual
;-) aim is not to make one's computer/house impregnable, but to make it
harder than other people's computers/houses to break into!

I adopt a similar discipline on my XP box - the user under which I log in
normally doesn't have Admin rights, has only read access to most of the
files in the directory where I install programs, and so on. It's a pain to
run this way - far too many programs assume they can scribble in their
install directories, and it's a PITA to track down which file they'd like
to write to and open up that particular one. MS Office sins this way, even
though it's supposedly "Win XP compatible" - having first installed it as
God, every time I ran an Office app as Mortal it spent about 4 dialogue
boxes trying to install/customise something or other in the
place-I-install-programs directory. I only managed to shut it up by upping
the privileges of my "ordinary" user to Godlike status briefly, to allow
it to do its Magick Customisation or whatever, and having returned the
Ordinary user to Mere Mortal status the Office apps no longer whinge on
startup. But the effort to run in this reduced-privilege way is well
beyond the "can I be arsed" threshold for sensible people...
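
The footnote's rule (an ordinary user should only be able to execute programs from places that user cannot write to) can be checked mechanically. The following is an added example, not part of the original post: it parses OpenBSD-style `mount` output, where the flag is spelled `noexec`, and reports user-writable directories that still allow execution. The sample mount table and the directory names are constructed for illustration.

```python
import os
import re

# Constructed sample of OpenBSD-style `mount` output (not taken from the post).
SAMPLE_MOUNT_OUTPUT = """\
/dev/sd0a on / type ffs (local)
/dev/sd0d on /usr type ffs (local, nodev)
/dev/sd0e on /tmp type ffs (local, nodev, nosuid)
/dev/sd0k on /home type ffs (local, nodev, noexec, nosuid)
"""

MOUNT_LINE = re.compile(r"^(\S+) on (\S+) type (\S+) \(([^)]*)\)$")


def parse_mounts(text):
    """Return {mount_point: set_of_options} parsed from `mount` output."""
    mounts = {}
    for line in text.splitlines():
        m = MOUNT_LINE.match(line.strip())
        if m:
            mounts[m.group(2)] = {o.strip() for o in m.group(4).split(",")}
    return mounts


def mount_for(path, mounts):
    """Return the longest mount point that contains `path`."""
    best = "/"
    for mp in mounts:
        inside = path == mp or path.startswith(mp.rstrip("/") + "/")
        if inside and len(mp) > len(best):
            best = mp
    return best


def user_writable(candidates):
    """Live helper: keep the directories the current user can write to."""
    return [d for d in candidates if os.access(d, os.W_OK)]


def writable_and_executable(writable_dirs, mounts):
    """Writable directories on a mount without noexec: each one is a place
    where a program dropped by an ordinary user could still be run."""
    return [d for d in writable_dirs
            if "noexec" not in mounts.get(mount_for(d, mounts), set())]


if __name__ == "__main__":
    table = parse_mounts(SAMPLE_MOUNT_OUTPUT)
    # Hypothetical directories an ordinary user can write to.
    print(writable_and_executable(["/home/mortal", "/tmp"], table))
```

On the sample table, /home passes but /tmp is flagged, which shows why one noexec mount is a hurdle rather than a complete defence. On a real machine, feed it the actual `mount` output and the result of `user_writable()` over the directories of interest.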