Thread: Windows virus?

  1. #1
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Ireland
    Posts
    8,446
    Admittedly VBA was not built with security in mind. Thank goodness the technology has been dropped for a few years already.

    Quote Originally Posted by cyberfish
    With so many unsafe default settings, one needs to be very experienced/knowledgeable with it to make it secure.
    Drop the "very", and you'll basically hit it.

    Yes, one needs to be knowledgeable about the operating system in order to use it safely. What I question is why you question this? Where exactly is the problem in being knowledgeable about the operating system? I'm even more surprised when this argument comes from a Linux user who are reportedly very knowledgeable people about their own operating systems.

    Let me try and break it down to you in the following manner - If anyone sees some flaw in my reasoning please do correct me.

    Up until recently (up until mid-life of the XP operating system, I would wager) Microsoft's strategy was to place security features out of the way of the user. They were still built at the core, and through OS internal tools, but for the most part they were set so that they didn't interfere with the user's day-to-day operations. If a security feature could be turned on without affecting user experience, it would. Otherwise its default would be off. All this in the name of a friendlier user experience. This strategy had its pros and cons. Power users liked it, newcomers didn't know what to think, and other platform evangelists used it to blurb about Windows not being secure. All in all, Windows kept on moving which is more or less what mattered.

    It was then the task of the user to set those features they wanted. In the meantime, the Windows operating system always spawned a considerable market of commercial and non-commercial 3rd party tools which addressed many security concerns and established themselves through time as the standard means of securing your computer. Anti-virus, personal firewalls (don't confuse with software firewalls which don't offer application level protection), system maintenance tools, etc...

    This is the way we do it in Windows. And you better get used to it, instead of complaining about it, since the latter will get you nowhere. Except for...

    Somewhere down the line, and along the life of Windows XP, it became noticeable that Microsoft started to shift their position regarding OS security. On behalf of so many complaints like the ones you do, Microsoft started to push security in front of user experience and forcing us to work the other way around (disable security features, instead of enabling them). This culminated in the Vista operating system which is, right after installation, arguably the least user friendly operating system Microsoft ever developed.

    In fact, because people always preferred to complain about the non-existent lack of security in the Windows operating system, instead of educating themselves on those features and learning how to use them, is the reason we have Vista the way it is... a dumbed-down operating system that tries to think for you, obviously can't, and shuns away from power users who, in the face of so much "simplicity", can't understand how to work with it.

    That is the price of... ermm... success. Because so many use it, and because the vast majority doesn't want to become computer savvy, the operating system is made to be stupid, pretty and with big buttons. Vista is pretty much the archetypal blond.

    So, if you want that kind of stuff cyberfish, there you go. Get Vista and some (not all) of your security concerns will be addressed right out of the box. You'll love UAC. Meanwhile, Windows XP is not for you. It has been built differently, in a different time when Microsoft was still walking with its arms outstretched in search of the user-friendly and secure paradigms.

    If on the other hand, you decide to draw from your Linux experience and understand that:

    a) Windows was just created to be like this and that is the acceptable way of working with it (up until Vista that is. Let's see if they drop all this nonsense with the next version);

    b) Complexity is only apparent. It's a false perspective. You change the way you do things and that seems complicated, when it isn't in fact. Complexity is just the result of lack of training. Being myself a newcomer to Linux I could report to you the fact the damn thing was so confusing in the beginning, I messed up three times already forcing me to reinstall it. And yet, you don't hear no whining from me, do you? "Oh Linux is so complicated. Buaah!"

    c) You don't want to be another numbered Duh in the world of computer users. We are creating a generation of big Duhs with all this ridiculous User-Friendly pop culture byproduct. By complaining about how complicated it is, you are effectively telling your teacher you don't want to learn philosophy because your head is too small and you are more interested in iPods and 3rd season TV series.

    You'll pull up your sleeves and stop the whining, mate.
    Last edited by Mario F.; 07-16-2008 at 06:58 AM.
    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  2. #2
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    Thanks for the detailed breakdown.

    I am in no way knowledgeable with Linux. I am just a user. Not even a "power user" at that.

    I am just comparing Windows to Linux. Windows requires knowledge to make it safe. Linux doesn't.

    Sure, you can't do too much in Linux being a complete newbie, but you are safe, with all settings at safe defaults. That cannot be said for Windows.

  3. #3
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Ireland
    Posts
    8,446
    Nah... I'm not that safe on Linux when being a newb. In fact, there's nothing more dangerous to Linux than a newb with computer knowledge, as my latest menu.lst edit revealed when I realized I couldn't boot the computer anymore.

    That's more devastating than what many computer viruses can do these days.

    If there is a price for newbness, on Windows you pay it in network security, on Linux I pay it in system integrity.

  4. #4
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    Well... a newb that messes with system files... you can kill any OS that way.

    On Windows it's both network security and system integrity. If you go around changing random settings in Windows being a newb... I don't think it will be better than Linux.

    By newb, I mean the average Joe, that surfs the web and checks emails.

  5. #5
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    But you have paid for this extra security over a Windows system with user friendliness. Just for a second, be my mom. Go to your local library, grab a 7-year-old WeightWatchers CD with a leaflet read so often you are afraid it will turn to dust if you touch it, take the CD, insert it into your drive and have it running in 5 minutes without any knowledge about your computer, sudo, a root password or even the fact that just because it's a "computer CD", it doesn't have to work on every computer/OS.

    Yes, the fact that autorun is enabled because she wouldn't know how to start the executable on the CD otherwise and the fact that she is running as administrator because I won't give a three-hour-lecture about running a system with different users are tearing a security hole in the system that's the size of a small moon. But that's the price people pay.
    That I agree. It's the price one has to pay for having a secure system. If Linux is to be as easy as Windows, Microsoft will be out of business in no time. It has every other advantage - price, security, speed, stability, openness. Compatibility won't be an issue if people start trying it en masse. Software makers will have to adapt to that.

    That's true. But don't blame the OS. The operating system itself is safe. Applications are crappy. And your desire to run them is greater than your desire for security. Your email client is running arbitrary code and requires admin privileges? Well, throw it in the bin and get a better mail client. But people don't want that. Because running OEx is so simple, right?

    Windows (NT upwards) wasn't a bad operating system. It was pretty secure. If you used it. If you abused it, you'd experience the same problems you'd have with a *nix system having a totally clueless user running as root all time installing buggy software.
    Of course, but it's a practical thing. It is like that because it wasn't until recently (vista) that Microsoft promoted the idea of running as a limited user.

    Any half-decent book on UNIX/Linux will tell you to run as a user and not root. All Linux installers I have used do that, too. The result? Every program is written with that in mind, and only asks for admin priv when really necessary.

  6. #6
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    Hmm thanks for the suggestion, but we have long established that is not the problem.

  7. #7
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,195
    Yeah I know, but I don't like leaving any topic unanalyzed, especially when I just had my morning coffee, extra strong Colombian with heavy cream (no fake crap for me, thanks). It's a blessing and a curse. As a software engineer, it comes in handy when I theorize every possible errant situation. Sometimes people get annoyed though when they say something innocent and get a 2 hour lecture on the theoretical pros and cons of toilet paper versus corn cobs with diversions into the evolutionary basis for wiping versus not wiping.

  8. #8
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    Ah of course. I made the reply just in case you are like me and only read the first page of long threads. No offense intended.

    Nice information indeed. Learned something.

  9. #9
    Cat without Hat CornedBee's Avatar
    Join Date
    Apr 2003
    Posts
    8,895
    Vista security is not user-friendly. Worse, it's not user-logical. By that I mean the following:

    1) I enter the control panel and go to the network settings.
    2) I change the network settings.
    3) I press OK.
    4) A dialog pops up, asking me to confirm my change of the network settings.
    5) I go, "Huh?"

    As a computer engineer, I know why this happens: a program could change those settings without user interaction, and the dialog is sent from the inaccessible security layer to confirm that it was really the user who did that, not some malicious program.

    As a normal user, I have no idea what the difference between normal programs and the security layer is, and I simply get annoyed that I have to confirm the action I just took. Sometimes, if the configuration dialog has its own extra confirmation, I have to confirm my changes thrice! (Click OK on the dialog, click OK on the confirmation, confirm for UAC.)

    Here's another example of user-unfriendly security, this one dating to XP: my uncle wanted to book a rental car via the web. Aside from the sites being extremely unfriendly (not Windows's fault), there was another subtle problem. The one my uncle went with wanted him to fill out a big form. He did, then got to the field that asked for the credit card details, so he went to fetch his card.
    While away, Windows Update decided to restart the computer, because that's what it does if you don't explicitly tell it to stay. Needless to say, the form information was lost.

    Sure, restarting the computer after a security update in the core OS is important, because if you don't, the update isn't in effect and you're still vulnerable. Still, that Windows will go for the destructive option by default and with a timeout is not nice.


    These are the times when I think that there has to be a better way.
    All the buzzt!
    CornedBee

    "There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
    - Flon's Law
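
The settings argued over in the posts above (running as administrator, AutoRun, UAC, and Windows Update's timed restart) can be read back from a machine without changing anything. The following PowerShell audit is an added example, not part of any poster's reply. It assumes the machine-wide policy values `EnableLUA`, `NoDriveTypeAutoRun` and `NoAutoRebootWithLoggedOnUsers` are stored as DWORDs under HKLM; the function names are chosen here for illustration.

```powershell
# Added example: read-only audit of the Windows defaults debated in this thread.
# It reads the registry and the current token only; it changes nothing.

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # $null means the value is not set, so the OS built-in default applies.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Test-RunningElevated {
    # True when the current process token has the Administrators group enabled.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-AutoRunState {
    param($Mask)
    # NoDriveTypeAutoRun is a bitmask of drive types on which AutoRun is blocked:
    # 0x04 = removable media, 0x20 = CD-ROM, 0xFF = every drive type.
    if ($null -eq $Mask) {
        return 'not set by policy'
    } elseif (($Mask -band 0x24) -eq 0x24) {
        return 'blocked on CD-ROM and removable drives'
    } else {
        return 'allowed on CD-ROM and/or removable drives'
    }
}

function Get-FlagState {
    param($Value, [string]$WhenOne, [string]$WhenZero)
    if ($null -eq $Value) { return 'not set by policy' }
    if ($Value -eq 1) { return $WhenOne }
    return $WhenZero
}

$policies = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies'
$wuPolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'

$elevated = if (Test-RunningElevated) { 'elevated (administrator)' } else { 'standard user' }
$uac      = Get-FlagState (Get-PolicyValue "$policies\System" 'EnableLUA') 'enabled' 'disabled'
$autoRun  = Get-AutoRunState (Get-PolicyValue "$policies\Explorer" 'NoDriveTypeAutoRun')
$reboot   = Get-FlagState (Get-PolicyValue $wuPolicy 'NoAutoRebootWithLoggedOnUsers') `
                'no forced restart while a user is logged on' 'timed restart allowed'

$report = @(
    [pscustomobject]@{ Setting = 'Current session';        State = $elevated }
    [pscustomobject]@{ Setting = 'UAC (EnableLUA)';        State = $uac }
    [pscustomobject]@{ Setting = 'AutoRun (HKLM policy)';  State = $autoRun }
    [pscustomobject]@{ Setting = 'Windows Update restart'; State = $reboot }
)
$report | Format-Table -AutoSize
```

A state of "not set by policy" means the registry value is absent and the built-in default of that Windows version applies; per-user AutoRun values under HKCU are not covered.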

  10. #10
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Location
    Inside my computer
    Posts
    24,654
    UAC was explicitly made to annoy and not as a security measure, though... Microsoft admitted that.
    Or rather, it is a security measure in such a way that it would force application developers to stop creating admin-only apps. But nothing other than that.

    Regardless, I hold no love for UAC. When I did test Vista, I always disabled it completely.
    And Windows Update is also something that I avoid like the plague. Want something from there? Then I go to the website, because it doesn't force stuff down your throat. Although it does demand a reboot after installing the updates which is pretty annoying.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  11. #11
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    Sure, restarting the computer after a security update in the core OS is important, because if you don't, the update isn't in effect and you're still vulnerable. Still, that Windows will go for the destructive option by default and with a timeout is not nice.
    That I agree is just funny. Apparently Microsoft thinks Windows knows better than its users.

  12. #12
    the hat of redundancy hat nvoigt's Avatar
    Join Date
    Aug 2001
    Location
    Hannover, Germany
    Posts
    3,130
    Well, most of the time it probably does. It's just bad PR to tell.
    hth
    -nv

    She was so Blonde, she spent 20 minutes looking at the orange juice can because it said "Concentrate."

    When in doubt, read the FAQ.
    Then ask a smart question.

  13. #13
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Ireland
    Posts
    8,446
    Whether Windows knows better than its users depends on what its user knows. Because of this, the path has been taken to treat everyone equally dumb, with the option to turn it off in case that's just not true.

    The irony is that by making it easier to use by everyone, the operating system is making it considerably harder on itself. Because:

    a) This type of security feature operating at a higher abstraction layer (that of the UI and of guess work) is falling down on the operating system, increasing its code size, changing usage patterns with every new version and making it considerably harder to use. Every attempt at mitigating the effects can only be done through lots of brain power being poured in, more code and more complex code, making the whole thing more expensive (money-wise too). All this energy could instead be diverted towards building security features at the core and delegating the rest to 3rd party tools.

    b) In other words, the operating system is calling on itself a responsibility it shouldn't have. In most cases this means protecting the users from themselves. As new threats are devised and new ways for these threats to operate are arranged (some targeting exactly the new security features) the need for new solutions accumulates and needs to be addressed by creating even more code, even more complex code and eventually even more changes in usage patterns.

    c) Since the operating system demands less and less thought from the user, it creates less and less informed users, which only complicates matters since invariably this leads to more dumbed-down features to make up for the increased lack in computer expertise.

    d) Similarly, because the operating system calls on itself the task of protecting users from themselves (or provides at the UI level security features that should instead be present at the core where they would be more effective and future-proof), it gives birth to - this time rightful - complaints when those security features are not sufficient or fail to operate as intended due to bugs or new threats being devised. What I mean is that because it's now the operating system's responsibility, it is also the operating system's fault. So... ever increasing maintenance work, ever larger maintenance teams and, worst, an ever increasing need for post-sales support. Costs only tend to rise and consequently price.

    ...

    Necessarily that's more or less how things work. That is, one can't expect developments in the computer area to not be matched with more complexity. But the question remains whether there is any effort to reduce the entropy. My personal answer is no. On the contrary, I think operating systems the likes of Windows are making things exceedingly complicated by blindly following the marketing pattern of "make it simple to use". The bubble will burst one day if it keeps moving this way. Bill Gates himself admitted Vista should have been given more thought. What's extraordinary, he did it before launch day.

    ...

    My opinion, and to finalize, operating systems security features should be made at its core as architectural features (for instance root on Linux). Any security features implemented at the UI level should reflect these core features and no more. Anything else being implemented at the UI level are usually nothing more than band aids meant to address an incomplete architecture. This isn't necessarily bad, but should be instead addressed either by 3rd party tools or OS tools that stay out of the way unless the user turns them on.

    Microsoft Windows has a long standing record of insecure features and insecure all around demeanor. Some well deserved, but most not really. Regardless, the thought of Windows being an insecure operating system has been popularized since maybe Windows 95 and yet it didn't stop it from remaining the most popular operating system and keep increasing its quota and sales.

    Will this change of heart change things? It definitely has for me since I lost all interest in Windows after around 20 years (I've arrived a little later in the scene Bubba, around 3.something) of using it, and have changed to Linux. The reason I'm writing this on Windows still is merely because a) Windows XP is still being supported until 2010 and b) I'm still in the process of switching from Visual Studio C++ and don't wish to throw away the considerable investment I made in C++ windows development applications in the past couple years.

    But all in all, I do everything else in Linux and am loving in it what I learned to love in Windows. I.e. It doesn't try to get in my way.
    Last edited by Mario F.; 07-17-2008 at 06:10 AM.

  14. #14
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    I like the nice core and UI separation in Linux. All the UI stuff are just graphical wrappers around lower level stuff (eg, gksudo for sudo, iptables has several GUI frontends, file permissions can be changed in Nautilus, etc). In a sense, UI stuff is bound by lower level security features (the user priv system, sudo, etc). That makes the task of securing the OS easier. They only need to make sure the system is secure at the core level, as what one can do with UI is strictly a subset of what one can do at any lower level. There's a nice hierarchy here, and only the base needs to be secured.

    On the contrary, I think operating systems the likes of Windows are making things exceedingly complicated by blindly following the marketing pattern of "make it simple to use".
    Very well put and I agree fully.

    As I see it, the problem is, there are overwhelmingly more computer illiterate people than literate ones. They don't care about how good/secure an OS is, and just want to get their current job at hand done as easily as possible. And they are willing to pay big bucks for that (paying for Windows, and hiring people to reformat their hard drives when their PCs catch viruses). Microsoft is simply trying to appeal to that market, and ignore the tiny group of computer literate people, for obvious reasons.

    For computer literate people, though, I think Linux/UNIX are more user-friendly and intuitive to use. Because, as Mario said above, it doesn't get in the way. It always assumes the user knows better. When the assumption is false, it offers sensible defaults/recommendations.

  15. #15
    the hat of redundancy hat nvoigt's Avatar
    Join Date
    Aug 2001
    Location
    Hannover, Germany
    Posts
    3,130
    Quote Originally Posted by cyberfish View Post
    I like the nice core and UI separation in Linux. All the UI stuff are just graphical wrappers around lower level stuff (eg, gksudo for sudo, iptables has several GUI frontends, file permissions can be changed in Nautilus, etc). In a sense, UI stuff is bound by lower level security features (the user priv system, sudo, etc). That makes the task of securing the OS easier. They only need to make sure the system is secure at the core level, as what one can do with UI is strictly a subset of what one can do at any lower level. There's a nice hierarchy here, and only the base needs to be secured.
    Can you list something in Windows (NT and up) that had security only in the UI layer and not in the core? Because this concept is great, but not unique to Linux.
    Last Post: 10-01-2002, 09:37 AM