f



Why does Windows allow Worms?

Hi guys!

How can there be so many Worms and Viruses affecting Windows only?
Why does Windows execute every bit of code it can find in an email?
I'm not an expert on exploits, but apparently Linux machines are less
virus prone.
Can some one tell me what the reason for that is, because it seems to
be a major issue in the computer world and it puzzles me.

Anton
-1
berrybear (20)
5/4/2004 10:16:37 PM
comp.windows.misc 3201 articles. 1 followers. Post Follow

83 Replies
816 Views

Similar Articles

[PageSpeed] 59

Part of the issue is that if you wanted to write a worm that would spread as
fast as possible, would you design it to spread on Linux machines, or on
Windows machines?  There are some many more opportunities to get a hit
because there are so many more Windows targets.

  WT

"Anton" <Berrybear@gmx.net> wrote in message
news:66e6f36b.0405041416.7f0ca7e5@posting.google.com...
> Hi guys!
>
> How can there be so many Worms and Viruses affecting Windows only?
> Why does Windows execute every bit of code it can find in an email?
> I'm not an expert on exploits, but apparently Linux machines are less
> virus prone.
> Can some one tell me what the reason for that is, because it seems to
> be a major issue in the computer world and it puzzles me.
>
> Anton


-1
5/4/2004 10:34:22 PM
Berrybear@gmx.net (Anton) writes:
> Hi guys!
> 
> How can there be so many Worms and Viruses affecting Windows only?
> Why does Windows execute every bit of code it can find in an email?
> I'm not an expert on exploits, but apparently Linux machines are less
> virus prone.

That correct. Linux and Mac are much less vulnerable to malware.  

> Can some one tell me what the reason for that is, because it seems to
> be a major issue in the computer world and it puzzles me.

Much has been written on this, and I suspect this thread will go on
forever.  To varying degrees of agreement the basic tenets are:

        Windows is the lowest hanging fruit, and bar far the most
        common installed desktop.  Hence the ripest target for an
        attacker wanting to commandeer numbers of machine for their
        play.

        Microsoft's monoplistic practices and dominance are a target
        of much loathing.  Hence, digital vigilantes tend to take much
        pride and swagger in attack it to bring it down.  
        Political analysts, take note--there are lessons here.

        Microsoft has long adopted a "make it work easy" stance on
        installed services and features and only recently started
        making security defaults anything of a priority in its coding
        or default settings.  This leaves a default installation of
        many Windows boxen running services that can be exploited,
        such as the LSASS service that is the target of the latest
        Sasser worm. This ease-of-use stance also leaves a default
        installation of Outlook doing Way Too Many Things(tm), and a
        default installation of Internet Explorer allowing Way Too
        Many Things(tm). 

        Windows source code is not subject to the scrutiny and review
        that an open source piece of software (like Linux) is.  The
        security or lack thereof that this brings is open to much
        debate.  Closed-source advocates claim that there is security
        in the obscurity of proprietary code, while open source
        advocates and most security professionals say that security
        through obscurity is neither as secure nor as obscure as one
        might think, and that open reviewable source code yields more
        secure code and patched code quicker than a closed-source
        model where you have to wait for one vendor to fix everything.

        In either model, you have to have a user community that
        actually performs updates routinely though.  Microsoft doesn't
        make that very darned easy for users lacking broadband
        connections, however.  WindowsUpdate over dialup is ugly, and
        there's no way to allow your broadband-enabled neighbor make a
        CD for ya easily to get you all the patches you might need.


I'm sure there are other reasons, but you get the idea.

Best Regards, 
-- 
Todd H.
http://www.toddh.net/
-1
comphelp (872)
5/4/2004 11:02:11 PM
In article <c797d7$1ne$1@e250.ripco.com>, comphelp@toddh.net says...
> That correct. Linux and Mac are much less vulnerable to malware. 

Two different MAC OS-X holes were just announced this past week and 
patches are out now. MAC OS-X is based on a Nix platform.

-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
-1
void9321 (1523)
5/5/2004 12:52:40 AM
Well I think you answered your own question.  If Gates would burn
his OS into a prom chip then he would defeat the most vulnerable
part of the PC system.  Most virus' that really knock your machine
dead are "monkey" types that go straight to the mbr on your machine
and cream it.   The other stuff that comes via email is annoying,
but if no open attachments, you cant get an attachment via that
email route.  Browsing even permits a big avenue for someone
to hit you as it checks and creates cookies everytimg you go to
a link.
              Kokomo Joe


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


-1
jfenn (344)
5/5/2004 1:13:46 AM
Leythos <void@nowhere.com> writes:

> In article <c797d7$1ne$1@e250.ripco.com>, comphelp@toddh.net says...
> > That correct. Linux and Mac are much less vulnerable to malware. 
> 
> Two different MAC OS-X holes were just announced this past week and 
> patches are out now. 

Just two?  I hereby stand by my statement.  

No one should kid themselves--*nix, Linux, and Mac OSX are certainly
far from free of security related vulnerabilities, but malware such as
viruses and worms are another matter.  Buffer overflows aren't
uncommon to find and such on the nix platforms for folks who follow
the advirosry lists, etc. But as for worms, paticuarly email borne
worms and viruses, windows really takes the cheese on being victim to
such malware by a huge proportion. 

> MAC OS-X is based on a Nix platform.

Yes indeed OS-X is based on BSD UNIX under the covers, which
contributes to its wonderfulness.  I sure wish I could afford a G5
desktop box.  They're sweet.  

Best Regards, 
-- 
Todd H.
http://www.toddh.net/
-1
comphelp (872)
5/5/2004 5:26:46 AM
Anton wrote:

> Hi guys!
> 
> How can there be so many Worms and Viruses affecting Windows only?
> Why does Windows execute every bit of code it can find in an email?
> I'm not an expert on exploits, but apparently Linux machines are less
> virus prone.
> Can some one tell me what the reason for that is, because it seems to
> be a major issue in the computer world and it puzzles me.
> 
> Anton

It's a "feature."

-- 
The e-mail address in our reply-to line is reversed in an attempt to
minimize spam.  Our true address is of the form che...@prodigy.net.
-1
abujlehc (580)
5/5/2004 5:31:49 AM
comphelp@toddh.net (Todd H.) wrote:

>        Microsoft doesn't
>        make that very darned easy for users lacking broadband
>        connections, however.  WindowsUpdate over dialup is ugly, and
>        there's no way to allow your broadband-enabled neighbor make a
>        CD for ya easily to get you all the patches you might need.

That's not entirely correct. It is possible to download the patches
without installing them. Not easy, though, this function leaves a lot to
be desired.




JK'04
-1
varros (4)
5/5/2004 6:32:17 AM
The voice of "Anton" drifted in on the cyber-winds, 
from the sea of virtual chaos...

> How can there be so many Worms and Viruses affecting Windows only?

Duh, because it popular!  }:8b

> Why does Windows execute every bit of code it can find in an email?

Actually it doesn't... 
All current versions of OE (since 5.5?) "ship" with default settings to 
protect the newbie user, until they're disabled.  

But is it right blame OE for users that are "gullible" enough to 
execute unknown code?  It's not the hammer that makes mistakes, but the 
carpenter using it.  So if the user opens an attachment, and Windows 
obliges them by opening it, isn't that what the user wants?

It's the user who's in control of his PC.  Except for a few worms most 
"virals" are user installed, even if it was unintentional.  They were 
the ones who opened and executed the attachment or download an infected 
program in the first place.

> I'm not an expert on exploits, but apparently Linux machines are
> less virus prone.  Can some one tell me what the reason for that
> is, because it seems to be a major issue in the computer world and
> it puzzles me.

Aside from this being an "obvious trolling", by a Nix user trying to 
hide his system by posting though Google?

Basicly *Linux has an geekier user base...*
That and the fact that nix systems have a different security model.

-- 
The Tech Zero, Maxx Pollare - watching the "Sasser" worm spread...
-1
5/5/2004 9:50:42 AM
Hi Anton,

> How can there be so many Worms and Viruses affecting Windows only?

There are much more windows machines in world. ;-)

Some other intersting arguments are that in general other system users
(like Linux, BSD, etc) are much more aware of BASIC of security and as
consequence are users less dummys. hehehe ;-)

> Why does Windows execute every bit of code it can find in an email?

Bad design !? :P

> I'm not an expert on exploits, but apparently Linux machines are less
> virus prone.

Yes, but it's possible to write as in ANY OS, but the spread infection
will not have the SOME impact in nowsday, by default polices, rules,
users knowledge, etc. ;-)

> Can some one tell me what the reason for that is, because it seems to
> be a major issue in the computer world and it puzzles me.

In general IF you have a good police under windows + overflow prevents
you can stop much more then 85% of nowsday virus. ;-)

Regards.

Mercenarie's Club Member =>  http://cdm.frontthescene.com.br
Front The Scene Team     =>  http://www.frontthescene.com.br
Personal Page            =>  http://ws.frontthescene.com.br
-1
wendel (8)
5/5/2004 2:37:33 PM
Berrybear@gmx.net (Anton) wrote:

>Hi guys!
>
>How can there be so many Worms and Viruses affecting Windows only?
Because >90% of all PCs run with Windows. A virus writer has a
much better chance to reach his target: The name of his virus in
the "Tagesschau" (daily TV news)

>Why does Windows execute every bit of code it can find in an email?

All "why" questions have to be answered by Microsoft. 
Nobody else can tell the cause.

>I'm not an expert on exploits, but apparently Linux machines are less
>virus prone.

No. They are not. There are also lots of security issues in Linux
(and all other *nix versions) But you need to know the special
bulletin boards, where they are discussed - and fixed.

And there are very much different flavors of Linux then of
Windows. I know 30+ different ftp services and about 20 mail
servers for Linux. On top there are a lot of different versions
installed. So it is much more difficult to use a known bug for an
attack. It will work only on a small range of servers. - And most
Linux PCs are much more carefully configured than Windows. This
will change, when Linux becomes more popular. Users want to USE
the PC. They don't want to configure. They don't want to patch.
They don't want to admin.

Reinhardt
-- 
begin  vcard.exe
fSuIh8u9czRCCkF4wdnBnDUo8gS4nZ5vx3CNG+k+Ooxim2vhIo
L9gg6nDb11Q6RrMMjv+hsKH0binu/qws2FxNpoPsEsvPiTe6tm
end
-1
Reinhardt
5/5/2004 5:36:30 PM
On 4 May 2004 15:16:37 -0700, Anton <Berrybear@gmx.net> wrote:
>How can there be so many Worms and Viruses affecting Windows only?

Don't you remember when the first internet worm hit us in the 1980s?
It infected Unix systems, and damn near closed down the whole net
for a short period of time.

>Why does Windows execute every bit of code it can find in an email?

Because Microsoft delights in designing in automation features which
are dependent on events being triggered by specialized byte streams
in messages and documents. (You would think they would have learned
after the problems with the Word 6 auto-execute-macro that couldn't
easily be disabled.)

Yes, one of the reasons that Windows is such a prime target is that
it is so popular, but that is only part of the story. Due to the
aforementioned automation features Windows is pretty much a virus
writer's dream environment.

Having said this, Unix-based OSes such as Linux have their vulnerabilities
also, but they tend to be of a different type. (Aimed more at servers
running public services than at end users.)

>I'm not an expert on exploits, but apparently Linux machines are less
>virus prone.

They are less prone to email-borne viruses because most Linux and Unix
email programs will not execute active code in a message.  But I can
guarantee that if you leave an outdated ftp or web server running
exposed to the internet on such systems you will likely get hacked.

>Can some one tell me what the reason for that is, because it seems to
>be a major issue in the computer world and it puzzles me.

That's an "ask Bill Gates" question. :-)

-- 
  Roger Blake
  (Subtract 10 for email.)
-1
rogblake10 (159)
5/6/2004 12:48:13 AM
"Anton" <Berrybear@gmx.net> wrote in message
news:66e6f36b.0405041416.7f0ca7e5@posting.google.com...
> Hi guys!
>
> How can there be so many Worms and Viruses affecting Windows only?
> Why does Windows execute every bit of code it can find in an email?
> I'm not an expert on exploits, but apparently Linux machines are less
> virus prone.
> Can some one tell me what the reason for that is, because it seems to
> be a major issue in the computer world and it puzzles me.
>
> Anton

That's like asking why more Hondas and Toyotas get stolen then Ferraris and
Porsches.


-1
5/6/2004 3:44:17 AM
Jerry Polyak wrote:

> "Anton" <Berrybear@gmx.net> wrote in message
> news:66e6f36b.0405041416.7f0ca7e5@posting.google.com...
> 
>>Hi guys!
>>
>>How can there be so many Worms and Viruses affecting Windows only?
>>Why does Windows execute every bit of code it can find in an email?
>>I'm not an expert on exploits, but apparently Linux machines are less
>>virus prone.
>>Can some one tell me what the reason for that is, because it seems to
>>be a major issue in the computer world and it puzzles me.
>>
>>Anton
> 
> 
> That's like asking why more Hondas and Toyotas get stolen then Ferraris and
> Porsches.
> 
> 
Yeah, Ferraris and Porsches have better security.


-- 
The e-mail address in our reply-to line is reversed in an attempt to
minimize spam.  Our true address is of the form che...@prodigy.net.
-1
abujlehc (580)
5/6/2004 4:38:07 AM
You left out MAXIMAS!!! They have some neat internal systems to
thwart thieves too.  Dont matter if they pop the door locks
and set the ignition switch with a bypass cord or any of that
common stuff.    The thief will get about a mile and its
either abandon the thing or wait for the cops to show up!!!
                  Kokomo Joe

****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


On Thu, 6 May 2004, CJT wrote:

> Jerry Polyak wrote:
>
> > "Anton" <Berrybear@gmx.net> wrote in message
> > news:66e6f36b.0405041416.7f0ca7e5@posting.google.com...
> >
> >>Hi guys!
> >>
> >>How can there be so many Worms and Viruses affecting Windows only?
> >>Why does Windows execute every bit of code it can find in an email?
> >>I'm not an expert on exploits, but apparently Linux machines are less
> >>virus prone.
> >>Can some one tell me what the reason for that is, because it seems to
> >>be a major issue in the computer world and it puzzles me.
> >>
> >>Anton
> >
> >
> > That's like asking why more Hondas and Toyotas get stolen then Ferraris and
> > Porsches.
> >
> >
> Yeah, Ferraris and Porsches have better security.
>
>
> --
> The e-mail address in our reply-to line is reversed in an attempt to
> minimize spam.  Our true address is of the form che...@prodigy.net.
>
-1
jfenn (344)
5/6/2004 5:19:16 AM
Reinhardt Kern wrote:

> Berrybear@gmx.net (Anton) wrote:
> 
>>Hi guys!
>>
>>How can there be so many Worms and Viruses affecting Windows only?
> Because >90% of all PCs run with Windows. A virus writer has a
> much better chance to reach his target: The name of his virus in
> the "Tagesschau" (daily TV news)
> 
>>Why does Windows execute every bit of code it can find in an email?
> 
> All "why" questions have to be answered by Microsoft.
> Nobody else can tell the cause.
> 
>>I'm not an expert on exploits, but apparently Linux machines are less
>>virus prone.
> 
> No. They are not. There are also lots of security issues in Linux
> (and all other *nix versions) But you need to know the special
> bulletin boards, where they are discussed - and fixed.
> 
> And there are very much different flavors of Linux then of
> Windows. I know 30+ different ftp services and about 20 mail
> servers for Linux. On top there are a lot of different versions
> installed. So it is much more difficult to use a known bug for an
> attack. It will work only on a small range of servers. - And most
> Linux PCs are much more carefully configured than Windows. This
> will change, when Linux becomes more popular. Users want to USE
> the PC. They don't want to configure. They don't want to patch.
> They don't want to admin.
> 
> Reinhardt

Yes. more security patches are released for linux than for windows - but one
MS security patch contains fixes for many bugs. Individual patches are
released for linux.

Another reason is windows's integration of a web browser into the kernel -
not a smart move.

Many of the newer linux distributions (such as SuSE) include an equivalent
of "windows update" which also supports something similar to auto-update,
and will automatically configure your system to be relatively secure.

Also, linux bugs are fixed *much* more quickly as a general rule. Another
inaccuarcy you mentioned is that people will have multiple versions of the
same software installed - this is only true for things like central
libraries - you probably have msvbvm5 and msvbvm6 installed on windows...

*tries to stop trolling* - just giving my opinion on the q
-1
Fred
5/6/2004 9:00:35 AM
Tech Zero <may-nospam@dragonfur.ca> wrote in message news:<Xns94E0275A62EE3ZeroOne@news.individual.net>...
>... But is it right blame OE for users that are "gullible" enough to 
> execute unknown code?  It's not the hammer that makes mistakes, but the 
> carpenter using it.  So if the user opens an attachment, and Windows 
> obliges them by opening it, isn't that what the user wants?

There are two sides to this point.  Some argue the programmers should
assume the user is stupid.  Some that it should assume the user isn't.
The key is to take into account both possibilities.

The principle issue is that a stable OS or Application design should...

(a.) make no universal assumptions about all users and/or interacting
systems e.g. that everyone is nice or sane and that everyone is sophisticated
enough to consider the possibility of malicious code hidden behind
an innocent sounding subject header of an e-mail.

(b.) should be stable in the sense that the effort required to accidentally
do damage is in proportion to the damage that can be done.

An innocent person should not by simply double clicking an icon on
a malicious e-mail end up with his entire system corrupted requiring
a re-install.  This is a fault in the OS design.  
At the same time its a generally stupid thing to do and so he shouldn't 
come out of it unscathed.  But at worst he should have to reboot.


To write the OS so that  all fools are completely protected 
would be to severely limit its  utility for non-fools.
To write the OS so that a moments lapse in wisdom can do massive
dammage and harm not only the fool but others as well, that
is likewise poor design.

IMNSHO Microsoft seems to invoke the worst of both worlds, by attempting
to protect fools but failing they also make the OS a damn sight more
difficult for the non-fools.  This is why I use Linux.  

It has its own problems including the extra time I must invest in learning
how to make it work on my system.  But I get what I pay for (or less) 
and I'm not willing to fork out hundreds of dollars for a product which
doesn't fit my general desires.  I'd rather spend thousands of dollars
worth om my time with a raw product like the free linux's in order
to get something close to what I want.

Someone someday is going to design a sensible PC arch and OS and then
look out (or better yet buy stock!).

Regards,
J. Baugh
-1
5/6/2004 5:43:34 PM
jam9baugh@ix.netcom.com (James Baugh) writes:
>
> Someone someday is going to design a sensible PC arch and OS and then
> look out (or better yet buy stock!).

This might be it--I'll keep an eye on it anyway: 
        http://www.morphos.net/

Best Regards, 
-- 
Todd H.
http://www.toddh.net/
-1
comphelp (872)
5/6/2004 6:02:06 PM
Well in my opinion Gates should put all his windows in a
programmable ROM chip.  This will avoid your OS ever being
creamed for sure.   The PROM chips are easly installed just by
unlatching the old one and inserting the new one then close the
latch.  No soldering to be done or undone, and all OS problems
are solved for both the "DUMB" people around the world like me,
and also for the most savvy nerds  like most of you pretend to be.
Gates will probably never go for this cause it would short change
him by a few billion dollars each year no matter how many times
he forces the user to buy the next "upgrade" prom chip.
It would likely bankrupt most of the "virus protectors" like
Nortins etc.
                  Kokomo Joe



****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


On Thu, 6 May 2004, Todd H. wrote:

> jam9baugh@ix.netcom.com (James Baugh) writes:
> >
> > Someone someday is going to design a sensible PC arch and OS and then
> > look out (or better yet buy stock!).
>
> This might be it--I'll keep an eye on it anyway:
>         http://www.morphos.net/
>
> Best Regards,
> --
> Todd H.
> http://www.toddh.net/
>
-1
jfenn (344)
5/6/2004 6:44:20 PM
Joseph Fenn <jfenn@lava.net> writes:

> Well in my opinion Gates should put all his windows in a
> programmable ROM chip.  This will avoid your OS ever being
> creamed for sure.   The PROM chips are easly installed just by
> unlatching the old one and inserting the new one then close the
> latch.

After lowering it from the crane.

-- 
Sending unsolicited commercial e-mail to this account incurs a fee of 
$500 per message, and acknowledges the legality of this contract.
-1
5/7/2004 12:46:25 AM
rogblake10@iname10.com (Roger Blake) writes:

> Because Microsoft delights in designing in automation features which
> are dependent on events being triggered by specialized byte streams
> in messages and documents. (You would think they would have learned
> after the problems with the Word 6 auto-execute-macro that couldn't
> easily be disabled.)

A good system understands the difference between code and data,
expecially if data comes from an outside source. 

> They are less prone to email-borne viruses because most Linux and Unix
> email programs will not execute active code in a message.  But I can
> guarantee that if you leave an outdated ftp or web server running
> exposed to the internet on such systems you will likely get hacked.

There are some systems that are inherently more stable by design.  I
had a Sparc Solaris system for 5 years that had the stack marked
"non-executable." One line in the /etc/system file, and stack
overflows were impossible. (Heap overflows are possible, but harder).
And the biggest threats are stack overflows and user errors.

So my Solaris machine had a lot of patches, but in most cases, 
no exploit by stack overflow could compromise the system.

There are a LOT of vulnerabilites in Unix software. And some people
point and say "See! I told you!" I feel this is misleading. 
There is a LOT of open source software.

So if some geek wrote some half-assed code that became popular, and it
had a hole in it, ALL OF LINUX gets blamed with fingers pointing, etc.

Microsoft has professionals who get PAID for writing software.
A lot of Open Source is done without pay, after hours. 

>>Can some one tell me what the reason for that is, because it seems to
>>be a major issue in the computer world and it puzzles me.
>
> That's an "ask Bill Gates" question. :-)

There are several other issues here. The more complex a system is, the
more likely it is to have bugs. Unix systems try to be small and
simple.  Simpler code will always have fewer bugs than spagetti code.
And because UNIX is so modular, it is possible to replace one piece of
code with a higher function code without increasing complexity. 

Also, secure Unix services are usually designed to run as non-root.
Gaining access to a server shouldn't grant root access.

        If I have a service running on my Linux box using process
"apache" there should be no way for that process to gain root access
(which would require a SECOND bug). I could have a hole in the server,
and it could be infected, but it could only run processes as user
"apache."  So a virus could spread on a Linux, but it should not be
able to crash my kernel. The real danger is having a processing
running as root get infected. But that's poor design, and is frowned
upon.

Also - the interface between privileged and non-privileged code is
well understood. There should be no way for a user program to crash
the OS.  A decade ago, there was a program called crash.c - it tried
to break every rule it could in the system calls. Immature OSes would
crash, but the mature OSes became bulletproof.

EVERY interface to the kernel was documented. This is section 2 of the
UNIX manual page. There are no undocumented interfaces. People have
stared at this code for decades, and UNIX types feel comfortable that
the kernel is safe. With undocumented interfaces, there is always a
danger that a newly discovered flaw can spread thoughout the Microsoft
systems.

That's the UNIX philosophy, and it has been around for 30+ years.
I feel more comfortable, but I have more experience with Unix systems.


-- 
Sending unsolicited commercial e-mail to this account incurs a fee of 
$500 per message, and acknowledges the legality of this contract.
-1
5/7/2004 1:25:29 AM
["Followup-To:" header set to comp.os.ms-windows.misc.]

On 2004-05-04, Anton <Berrybear@gmx.net> wrote:

> How can there be so many Worms and Viruses affecting Windows only?
> Why does Windows execute every bit of code it can find in an email?

Because "customers demanded it" and to do otherwise would "stifle 
innovation."

Really. 

-- 

-John (john@os2.dhs.org)
-1
john5722 (447)
5/7/2004 2:02:30 AM
["Followup-To:" header set to comp.os.ms-windows.misc.]
On 2004-05-06, Joseph Fenn <jfenn@lava.net> wrote:

> Well in my opinion Gates should put all his windows in a
> programmable ROM chip.  This will avoid your OS ever being
> creamed for sure. 

What happens when somebody discovers a significant flaw in the software on 
the chip?  How do you patch or update it?

-- 

-John (john@os2.dhs.org)
-1
john5722 (447)
5/7/2004 2:02:31 AM
Very Simple.  If the prom chip with the os is flawed, demand
a replacement, drop it into the empty socket, and latch it.
Start a new ball game immediately.
                    Kokomo Joe


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


On Fri, 7 May 2004, John Thompson wrote:

> ["Followup-To:" header set to comp.os.ms-windows.misc.]
> On 2004-05-06, Joseph Fenn <jfenn@lava.net> wrote:
>
> > Well in my opinion Gates should put all his windows in a
> > programmable ROM chip.  This will avoid your OS ever being
> > creamed for sure.
>
> What happens when somebody discovers a significant flaw in the software on
> the chip?  How do you patch or update it?
>
> --
>
> -John (john@os2.dhs.org)
>
-1
Joseph
5/7/2004 4:12:34 AM
On 2004-05-07, Joseph Fenn <jfenn@lava.net> wrote:

> Very Simple.  If the prom chip with the os is flawed, demand
> a replacement, drop it into the empty socket, and latch it.
> Start a new ball game immediately.

And you think that's going to happen?  They won't even send you a new CD 
with security updates.  You have to download and install it on your dime.  
Going to PROMs is not likely to be any different.  You want to new, 
patched PROM?  Fine, fork over the $$$.  And if Joe Sixpack can't be 
bothered to do SOFTWARE upgrade, what chance is there of him doing a 
HARDWARE upgrade? 

-- 

-John (john@os2.dhs.org)
0
John
5/8/2004 3:10:02 AM
John,
Any idiot can drop a new rom upgrade chip into a "latch"
type prom socket.   Gates would still get his bucks each time
a new windows version comes out.   It would just be a prom chip
in a small box and thats it.   No installation problems to figure out,
No disk required.   No cd required.   How simple could it get.
No more Govt shutdowns due to a virus from the Phillipines or maybe
Al Quaida!!!!
                   Kokomo Joe


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


On Sat, 8 May 2004, John Thompson wrote:

> On 2004-05-07, Joseph Fenn <jfenn@lava.net> wrote:
>
> > Very Simple.  If the prom chip with the os is flawed, demand
> > a replacement, drop it into the empty socket, and latch it.
> > Start a new ball game immediately.
>
> And you think that's going to happen?  They won't even send you a new CD
> with security updates.  You have to download and install it on your dime.
> Going to PROMs is not likely to be any different.  You want to new,
> patched PROM?  Fine, fork over the $$$.  And if Joe Sixpack can't be
> bothered to do SOFTWARE upgrade, what chance is there of him doing a
> HARDWARE upgrade?
>
> --
>
> -John (john@os2.dhs.org)
>
0
Joseph
5/8/2004 8:42:28 PM
On Sat, 8 May 2004 10:42:28 -1000, Joseph Fenn <jfenn@lava.net> wrote:
> John,
> Any idiot can drop a new rom upgrade chip into a "latch"
> type prom socket.   Gates would still get his bucks each time
> a new windows version comes out.   It would just be a prom chip
> in a small box and thats it.   No installation problems to figure out,
> No disk required.   No cd required.   How simple could it get.
> No more Govt shutdowns due to a virus from the Phillipines or maybe

Can you imagine the cost involved of having to go around to each and every
machine in a corporate network and physically replace a PROM? I think this
leaves us back at square one. The only good solution to this problem is
having secure software.

-- 
-- Skylar Thompson (skylar@cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/
0
Skylar
5/8/2004 11:43:50 PM
On 2004-05-08, Joseph Fenn <jfenn@lava.net> wrote:

> Any idiot can drop a new rom upgrade chip into a "latch"
> type prom socket. 

Easy or not, anything that involves opening the case is going to exclude 
the vast majority of users.  How many people do you know who go buy new 
PCs when they could have simply popped in some more memory and a faster 
CPU? 

-- 

-John (john@os2.dhs.org)
0
John
5/9/2004 3:09:55 AM
Joseph Fenn wrote:
> Well in my opinion Gates should put all his windows in a
> programmable ROM chip.  This will avoid your OS ever being
> creamed for sure.   The PROM chips are easly installed just by
> unlatching the old one and inserting the new one then close the
> latch.  No soldering to be done or undone, and all OS problems
> are solved for both the "DUMB" people around the world like me,
> and also for the most savvy nerds  like most of you pretend to be.
> Gates will probably never go for this cause it would short change
> him by a few billion dollars each year no matter how many times
> he forces the user to buy the next "upgrade" prom chip.
> It would likely bankrupt most of the "virus protectors" like
> Nortins etc.
>                   Kokomo Joe

Great idea except that the OS would still be vulnerable as it would have 
to be loaded from NVRAM to RAM to run. A worm hits, runs an overflow 
against the vulnerable component in memory and off it goes...
E.

0
bellyup (45)
5/9/2004 7:54:32 PM
Whether a worm hits or not it can not delete your oS if its in
ROM!   No worm every written can do that except if you invite
someonw into your computer room who is carrying an EPROM burner
and you invite him to reburn your OS ROM chip.  Now would you go
that far to test vulnerability to worms or virus of any kind?
                  Kokomo Joe


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


On Sun, 9 May 2004, E. wrote:

> Joseph Fenn wrote:
> > Well in my opinion Gates should put all his windows in a
> > programmable ROM chip.  This will avoid your OS ever being
> > creamed for sure.   The PROM chips are easly installed just by
> > unlatching the old one and inserting the new one then close the
> > latch.  No soldering to be done or undone, and all OS problems
> > are solved for both the "DUMB" people around the world like me,
> > and also for the most savvy nerds  like most of you pretend to be.
> > Gates will probably never go for this cause it would short change
> > him by a few billion dollars each year no matter how many times
> > he forces the user to buy the next "upgrade" prom chip.
> > It would likely bankrupt most of the "virus protectors" like
> > Nortins etc.
> >                   Kokomo Joe
>
> Great idea except that the OS would still be vulnerable as it would have
> to be loaded from NVRAM to RAM to run. A worm hits, runs an overflow
> against the vulnerable component in memory and off it goes...
> E.
>
>
0
jfenn (344)
5/9/2004 11:20:24 PM
In article <Pine.BSI.4.58.0405091317470.6845@malasada.lava.net>, 
jfenn@lava.net says...
> Whether a worm hits or not it can not delete your oS if its in
> ROM!   No worm every written can do that except if you invite
> someonw into your computer room who is carrying an EPROM burner
> and you invite him to reburn your OS ROM chip.  Now would you go
> that far to test vulnerability to worms or virus of any kind?

I'm from the old school where we use to do everything in machine 
language, burn it into EPROMS, and also design the board that use the 
CPU.

Putting a OS in ROM would be a complete marketing screw-up. If they put 
it in EEPROM or something that could be updated by a patch, then you are 
right back where you started. If they did put the OS in ROM imagine how 
many computers would have to be returned to get an update because of a 
flaw found in the OS.

-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
0
void9321 (1523)
5/9/2004 11:59:09 PM
Lythos
your logic is totally irrational.  I too have been in and out of
ml programming.  Your equally amiss ref costing and upgradeing.
Instead of annual upgrades of your windows stuff the slow hard way
the only one who would suffer by haveing the OS in rom would be
Mr Gates.   But then he could charge just as much for the upgrade
roms each year and probably make a bundle in the process.   As to
commercial useage I assume an office with 15 or 20 machines
any tech they have in the company could replace prom chips in all
20 of them in less than half an hour.    The idea I am pushing
is to help the Govt itself rid itself of the huge problem with
virus attacks every couple of years.   In fact if things were
done in ROM,  they could design future PC's with a little
trap door on the back or side of the machine or tower where you
just pop it open reach 2 fingers in and unlatch the old (last years)
ROM chip and insert the new one in one minute or less.
The ones who would really suffer financially woult be all he
Virus killer companies Nortins Thunderbyte, and the others.
It would put them out of business actually.
                      Kokomo Joe


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


On Sun, 9 May 2004, Leythos wrote:

> In article <Pine.BSI.4.58.0405091317470.6845@malasada.lava.net>,
> jfenn@lava.net says...
> > Whether a worm hits or not it can not delete your oS if its in
> > ROM!   No worm every written can do that except if you invite
> > someonw into your computer room who is carrying an EPROM burner
> > and you invite him to reburn your OS ROM chip.  Now would you go
> > that far to test vulnerability to worms or virus of any kind?
>
> I'm from the old school where we use to do everything in machine
> language, burn it into EPROMS, and also design the board that use the
> CPU.
>
> Putting a OS in ROM would be a complete marketing screw-up. If they put
> it in EEPROM or something that could be updated by a patch, then you are
> right back where you started. If they did put the OS in ROM imagine how
> many computers would have to be returned to get an update because of a
> flaw found in the OS.
>
> --
> --
> spamfree999@rrohio.com
> (Remove 999 to reply to me)
>
0
jfenn (344)
5/10/2004 5:11:43 AM
Joseph Fenn <jfenn@lava.net> writes:

> John,
> Any idiot can drop a new rom upgrade chip into a "latch"
> type prom socket.   Gates would still get his bucks each time
> a new windows version comes out. 

You have vastly overstated the capabilities of "any idiot."   

Put this one to the "70 year old grandmother" test and see how that
works out. 

Best Regards, 
-- 
Todd H.
http://www.toddh.net/
0
comphelp
5/10/2004 5:49:19 AM
Anton wrote:
> Hi guys!
> 
> How can there be so many Worms and Viruses affecting Windows only?
> Why does Windows execute every bit of code it can find in an email?
> I'm not an expert on exploits, but apparently Linux machines are less
> virus prone.
> Can some one tell me what the reason for that is, because it seems to
> be a major issue in the computer world and it puzzles me.
> 
> Anton

As with most things, we have been here before. When timesharing became
commonplace, allowing large computers to drive multiple terminals, each
with a different user, the first operating systems were vulnerable 
simply to bad programming (crashes), and later to college students
trying to bring the whole machine down for the fun of it.

Virtual memory systems arose, which did both a better job of security,
and made better (smoother) multasker/multiuser operating systems as
well. much study was made at the time of vunerabilities in the
operating system and how to defend from them. The result was two
important facts about computing security:

1. Any system can eventually be found to have a vunerability, but
they can be covered, and become increasingly harder to find in a
properly designed system. A common "proof" that all systems are
vunerable is that the machine can be directly (physically) modified,
or the operator tricked into loading a improper machine tape.

2. There are many basic principles to follow to achieve OS security.
All can be addressed, and the level of security can be quite high,
even if not the ultimate ideal.

Windows started (with Windows 3.0) being unable to mantain protection
against simple crash bugs, ie., a program could unintentially bring down
the system. Windows improved in many respects, but the real improvement
in Windows was discarding it. If you run Windows XP, you are not running
windows in the original sense, but a designed from scratch system, build
by one of the premere operation systems designers (Dave Cutter), with
big machine security in mind.

Although this has much advanced Windows security, there are remaining
problems. One of the biggest is that Microsoft designed Visual basic
as being the common script language of the system. Unfortunately, the
result was that VB viruses can be easily written, and caused to run
in many inappropriate contexts, such as email.

The next biggest would be that all the programs you run have essentially
full access to your machine. It would be far more appropriate to only
allow programs such as Java or VB script to only access one or two
directories in a "pen" for untrusted programs. As an example, Unix 
machines commonly don't allow full machine access in user mode, but
only in "root" mode. Windows has most or all of these security 
mechanisims, but does not use them, perhaps because MS feels that would
be too complicated for most users.

MS has only really had their premere platform for security out and
in general use for 3 years now. Things will improve. MS is getting past
their old idea that things like allowing an email to execute a VB
script would not result in mass hacking. MS probally believed that
nobody would try to hack their programs in such a way. They have lots
of company in that. The phone company first used a cheap and dirty
method to signal long distance charges that kids can and did hack.
They got wise, MS will as well.

In the meantime, there is a lot you can do for your own security:

1. Get a firewall, a hardware one. Set it to log, and watch your logs.
They will tell you if you have a virus that is trying to spread itself,
or if you are being attacked.

2. Stop using outlook and explorer. They have both been heavily 
compromosed. Alternatives are Mozilla and Opera. If you get a message
saying "this site only works with explorer", write them a letter
explaining that you cannot use it because of the overwhelming security
compromises of the product.

3. Use an antivirus program that checks both the system as well as
email.

4. Discard unasked for email and attachments.

5. Run only programs from trusted sources.

6. If you have data that needs complete security, such as credit card
data, etc., run in on a machine that has no internet or network 
connection whatever. Data is hand moved to and from that machine via
writable CD or DVD *ONLY*.
0
Scott
5/10/2004 6:51:47 AM
In article <Pine.BSI.4.58.0405091902220.25139@malasada.lava.net>, 
jfenn@lava.net says...
> The idea I am pushing
> is to help the Govt itself rid itself of the huge problem with
> virus attacks every couple of years.

The OS in ROM won't help - I've installed secure networks across the 
country and not one of them has ever been compromised. It's all about 
proper setup, monitoring, and being proactive. Windows is not any more 
of a problem to secure than any other OS, you just have to know how. The 
government has it's own issues which make securing the OS a problem.

If all you wanted to protect was the kernel then a ROM might do, but 
there are about 1gb of apps that are vulnerable outside the kernel that 
cause most of the problem for people - the OS, at least as I think you 
are referring to it, is more than just the kernel.

I can't see users purchasing MS Office on ROM Chip (no matter how easy 
the package is to install) and then purchasing/returning to a store for 
updates every couple months.

If you want to look at what can be done to stop the spread of most of 
the Worms, get on the ISP's about enabling the NAT function on their 
home users installed cable/dsl modem - with NAT on the users cable/dsl 
modem the worms wont ever make it to the users PC to start the spread.

In the 70's I owned a HP computing device, it had BASIC in a ROM, 
extended math functions in ROM, etc... you could install up to 3 or 4 
ROM cartridges in the unit at a time. On my workstation at my desk I 
have about 30 apps installed, totalling about 45GB of apps and some of 
their data. There is just no way that you're going to get that on 
PROM/ROM and make users accept it.

You're wrong about Virus's - the machines will still suffer, even ROM OS 
based ones, since I virus would just infect MS Word, or some other app 
that's on the internal Drive and spread through that means. The only 
real way you could prevent the problem is to remove the hard drive so 
that there is nothing that can be changed on the system - but then it's 
just a big calculator at that point.


-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
0
void9321 (1523)
5/10/2004 1:36:12 PM
Scott Moore <samiam@moorecad.com> wrote in message news:<6EFnc.61452$Ik.4752411@attbi_s53>...
> 
> As with most things, we have been here before. When timesharing became
> commonplace, allowing large computers to drive multiple terminals, each
> with a different user, the first operating systems were vulnerable 
> simply to bad programming (crashes), and later to college students
> trying to bring the whole machine down for the fun of it.
> 
> Virtual memory systems arose, which did both a better job of security,
> and made better (smoother) multasker/multiuser operating systems as
> well. much study was made at the time of vunerabilities in the
> operating system and how to defend from them. The result was two
> important facts about computing security:
> 
> 1. Any system can eventually be found to have a vunerability, but
> they can be covered, and become increasingly harder to find in a
> properly designed system. A common "proof" that all systems are
> vunerable is that the machine can be directly (physically) modified,
> or the operator tricked into loading a improper machine tape.
> 
> 2. There are many basic principles to follow to achieve OS security.
> All can be addressed, and the level of security can be quite high,
> even if not the ultimate ideal.
> 
> Windows started (with Windows 3.0) being unable to mantain protection
> against simple crash bugs, ie., a program could unintentially bring down
> the system. Windows improved in many respects, but the real improvement
> in Windows was discarding it. If you run Windows XP, you are not running
> windows in the original sense, but a designed from scratch system, build
> by one of the premere operation systems designers (Dave Cutter), with
> big machine security in mind.
> 
> Although this has much advanced Windows security, there are remaining
> problems. One of the biggest is that Microsoft designed Visual basic
> as being the common script language of the system. Unfortunately, the
> result was that VB viruses can be easily written, and caused to run
> in many inappropriate contexts, such as email.
> 
> The next biggest would be that all the programs you run have essentially
> full access to your machine. It would be far more appropriate to only
> allow programs such as Java or VB script to only access one or two
> directories in a "pen" for untrusted programs. As an example, Unix 
> machines commonly don't allow full machine access in user mode, but
> only in "root" mode. Windows has most or all of these security 
> mechanisims, but does not use them, perhaps because MS feels that would
> be too complicated for most users.
> 
> MS has only really had their premere platform for security out and
> in general use for 3 years now. Things will improve. MS is getting past
> their old idea that things like allowing an email to execute a VB
> script would not result in mass hacking. MS probally believed that
> nobody would try to hack their programs in such a way. They have lots
> of company in that. The phone company first used a cheap and dirty
> method to signal long distance charges that kids can and did hack.
> They got wise, MS will as well.
> 
> In the meantime, there is a lot you can do for your own security:
> 
> 1. Get a firewall, a hardware one. Set it to log, and watch your logs.
> They will tell you if you have a virus that is trying to spread itself,
> or if you are being attacked.
> 
> 2. Stop using outlook and explorer. They have both been heavily 
> compromosed. Alternatives are Mozilla and Opera. If you get a message
> saying "this site only works with explorer", write them a letter
> explaining that you cannot use it because of the overwhelming security
> compromises of the product.
> 
> 3. Use an antivirus program that checks both the system as well as
> email.
> 
> 4. Discard unasked for email and attachments.
> 
> 5. Run only programs from trusted sources.
> 
> 6. If you have data that needs complete security, such as credit card
> data, etc., run in on a machine that has no internet or network 
> connection whatever. Data is hand moved to and from that machine via
> writable CD or DVD *ONLY*.


Good reasoning, good advice. But, sometimes it seems to me that msft
leaves, even their most critical OS files, wide open. Malware makers
seem to have no trouble replacing windows system files, or editing the
registree. Can't msft do anything to make those files "off limits" ?
0
walterbyrd
5/10/2004 1:40:25 PM
["Followup-To:" header set to comp.os.ms-windows.networking.misc.]
On 2004-05-09, Joseph Fenn <jfenn@lava.net> wrote:

> On Sun, 9 May 2004, E. wrote:
>> Great idea except that the OS would still be vulnerable as it would have
>> to be loaded from NVRAM to RAM to run. A worm hits, runs an overflow
>> against the vulnerable component in memory and off it goes...
>> E.

> Whether a worm hits or not it can not delete your oS if its in
> ROM!   

It won't be able to erase the OS from the ROM, but it could still scribble 
all over system memory, escalate priveleges to access user files on a HD, 
install a spam proxy, etc. until you reboot at least.  And after you 
reboot you're still vulnerable to the same exploit that was used before 
you rebooted.

I don't know about you, but my web server still gets hit dozens, even 
hundreds of times a day with NIMDA and Code Red exploit attempts that 
people could/should have patched against at least two years ago already.  
That IMHO is enough of an argument to demolish the idea of a ROM based OS 
as a solution.  If people can't be bothered to install a software update 
that has been readily available for over two years, there's no hope of 
them going out of their way to do the scary operation of opening the case 
and installing a new ROM chip.

If your ROM based OS is vulnerable to an exploit, it will inevitably be 
compromised within minutes or at best hours after connecting to the 
Internet, and it will remain vulnerable until such time as an updated ROM 
is installed. As long as there are even a few compromised machines out 
there spewing exploit attempts at all and sundry, even your ROM based 
solution is doomed to fail. 

-- 

-John (john@os2.dhs.org)
0
john5722 (447)
5/10/2004 6:10:17 PM
On Mon, 10 May 2004 18:10:17 GMT, John Thompson
<john@starfleet.os2.dhs.org> wrote:


>I don't know about you, but my web server still gets hit dozens, even 
>hundreds of times a day with NIMDA and Code Red exploit attempts that 
>people could/should have patched against at least two years ago already.  
>That IMHO is enough of an argument to demolish the idea of a ROM based OS 
>as a solution.  If people can't be bothered to install a software update 
>that has been readily available for over two years, there's no hope of 
>them going out of their way to do the scary operation of opening the case 
>and installing a new ROM chip.
>
>If your ROM based OS is vulnerable to an exploit, it will inevitably be 
>compromised within minutes or at best hours after connecting to the 
>Internet, and it will remain vulnerable until such time as an updated ROM 
>is installed. As long as there are even a few compromised machines out 
>there spewing exploit attempts at all and sundry, even your ROM based 
>solution is doomed to fail. 
BUT it does give one ideas of how to stop some of the problems. If you
were to have the OS on a ROM then you could also load software updates
periodically until a new ROM chip was distributed. Would make servers
MUCH less vulnerable, just reboot and all is well again. AND if the
critical update files were on a CD then they too would be invulnerable
to attack. OR the OS could be on a CD that could be patched and known
to be working and then used in an environment that was not capable of
being written to. Thereby foiling any virus attempts. Kind of like a
backup.

0
f
5/10/2004 6:47:03 PM
Hooray!!   Someonw below finally gives a valuable answer below!
Carefully spelled out and includeing all the caveates necessary.
I still say  gimme a windows OS in a ROM or PROM chip and I'll buy
and use it instantly!
                      Kokomo Joe


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


On Mon, 10 May 2004, Scott Moore wrote:

> Anton wrote:
> > Hi guys!
> >
> > How can there be so many Worms and Viruses affecting Windows only?
> > Why does Windows execute every bit of code it can find in an email?
> > I'm not an expert on exploits, but apparently Linux machines are less
> > virus prone.
> > Can some one tell me what the reason for that is, because it seems to
> > be a major issue in the computer world and it puzzles me.
> >
> > Anton
>
> As with most things, we have been here before. When timesharing became
> commonplace, allowing large computers to drive multiple terminals, each
> with a different user, the first operating systems were vulnerable
> simply to bad programming (crashes), and later to college students
> trying to bring the whole machine down for the fun of it.
>
> Virtual memory systems arose, which did both a better job of security,
> and made better (smoother) multasker/multiuser operating systems as
> well. much study was made at the time of vunerabilities in the
> operating system and how to defend from them. The result was two
> important facts about computing security:
>
> 1. Any system can eventually be found to have a vunerability, but
> they can be covered, and become increasingly harder to find in a
> properly designed system. A common "proof" that all systems are
> vunerable is that the machine can be directly (physically) modified,
> or the operator tricked into loading a improper machine tape.
>
> 2. There are many basic principles to follow to achieve OS security.
> All can be addressed, and the level of security can be quite high,
> even if not the ultimate ideal.
>
> Windows started (with Windows 3.0) being unable to mantain protection
> against simple crash bugs, ie., a program could unintentially bring down
> the system. Windows improved in many respects, but the real improvement
> in Windows was discarding it. If you run Windows XP, you are not running
> windows in the original sense, but a designed from scratch system, build
> by one of the premere operation systems designers (Dave Cutter), with
> big machine security in mind.
>
> Although this has much advanced Windows security, there are remaining
> problems. One of the biggest is that Microsoft designed Visual basic
> as being the common script language of the system. Unfortunately, the
> result was that VB viruses can be easily written, and caused to run
> in many inappropriate contexts, such as email.
>
> The next biggest would be that all the programs you run have essentially
> full access to your machine. It would be far more appropriate to only
> allow programs such as Java or VB script to only access one or two
> directories in a "pen" for untrusted programs. As an example, Unix
> machines commonly don't allow full machine access in user mode, but
> only in "root" mode. Windows has most or all of these security
> mechanisims, but does not use them, perhaps because MS feels that would
> be too complicated for most users.
>
> MS has only really had their premere platform for security out and
> in general use for 3 years now. Things will improve. MS is getting past
> their old idea that things like allowing an email to execute a VB
> script would not result in mass hacking. MS probally believed that
> nobody would try to hack their programs in such a way. They have lots
> of company in that. The phone company first used a cheap and dirty
> method to signal long distance charges that kids can and did hack.
> They got wise, MS will as well.
>
> In the meantime, there is a lot you can do for your own security:
>
> 1. Get a firewall, a hardware one. Set it to log, and watch your logs.
> They will tell you if you have a virus that is trying to spread itself,
> or if you are being attacked.
>
> 2. Stop using outlook and explorer. They have both been heavily
> compromosed. Alternatives are Mozilla and Opera. If you get a message
> saying "this site only works with explorer", write them a letter
> explaining that you cannot use it because of the overwhelming security
> compromises of the product.
>
> 3. Use an antivirus program that checks both the system as well as
> email.
>
> 4. Discard unasked for email and attachments.
>
> 5. Run only programs from trusted sources.
>
> 6. If you have data that needs complete security, such as credit card
> data, etc., run in on a machine that has no internet or network
> connection whatever. Data is hand moved to and from that machine via
> writable CD or DVD *ONLY*.
>
0
Joseph
5/10/2004 7:35:41 PM
On 2004-05-10, f/f george <george@yourplace.com> wrote:

> On Mon, 10 May 2004 18:10:17 GMT, John Thompson
><john@starfleet.os2.dhs.org> wrote:
>
>>I don't know about you, but my web server still gets hit dozens, even 
>>hundreds of times a day with NIMDA and Code Red exploit attempts that 
>>people could/should have patched against at least two years ago already.  
>>That IMHO is enough of an argument to demolish the idea of a ROM based OS 
>>as a solution.  If people can't be bothered to install a software update 
>>that has been readily available for over two years, there's no hope of 
>>them going out of their way to do the scary operation of opening the case 
>>and installing a new ROM chip.
>>
>>If your ROM based OS is vulnerable to an exploit, it will inevitably be 
>>compromised within minutes or at best hours after connecting to the 
>>Internet, and it will remain vulnerable until such time as an updated ROM 
>>is installed. As long as there are even a few compromised machines out 
>>there spewing exploit attempts at all and sundry, even your ROM based 
>>solution is doomed to fail. 

> BUT it does give one ideas of how to stop some of the problems. If you
> were to have the OS on a ROM then you could also load software updates
> periodically until a new ROM chip was distributed. Would make servers
> MUCH less vulnerable, just reboot and all is well again. AND if the
> critical update files were on a CD then they too would be invulnerable
> to attack. OR the OS could be on a CD that could be patched and known
> to be working and then used in an environment that was not capable of
> being written to. Thereby foiling any virus attempts. Kind of like a
> backup.

But how would that differ from our current situation, where users need to 
apply software fixes to exploits?  AFAICT, it doesn't; at least not in any 
meaningful way.

-- 

-John (john@os2.dhs.org)
0
John
5/10/2004 10:10:19 PM
walterbyrd wrote:

> Good reasoning, good advice. But, sometimes it seems to me that msft
> leaves, even their most critical OS files, wide open. Malware makers
> seem to have no trouble replacing windows system files, or editing the
> registree. Can't msft do anything to make those files "off limits" ?

Yes. Windows NT (and Winodws XP) has access classes, which would
effectively allow permissions to files to be managed on a file by file
basis. It is standard for windows on a single user to be installed with
"administrator" permissions on the main user. This is equivalent to
giving all users "root" permission in unix. No unix user would ever
do that, because unix users know that the root account is for special
system management tasks. Ie., you would not walk around doing laundry
with a loaded gun, even if you occasionally used a gun.

Now I have Windows XP home edition, fully patched (all latest updates).
I note that there has been an .ASP account set up with limited
permissions specified. ASP is a web service type. So Microsoft is
already moving towards a limited model.

In the Windows XP home edition, there is no apparent menu to set
access classes. Windows XP professional might have that capability.
So you are going to go surfing with your XXX browser. It should be
possible to make a short list of the directories that your browser
has legitimate business accessing, such as a data directory for
web page caches, downloads, etc, and to run Java scripts with at most
one or two directories to play in.

In this way, if you did load a malicious peice of code, all it could do
is trash the directories you have specified it can trash. This can get
as advanced as you wish. The browser can run Java or whatever with
permissions that don't even allow it to access its own data, just a
playpen directory or two.

This is possible in both Unix and Windows. I suspect that the main
reason it does not get more use is because Microsoft does not expect
its users to have this kind of advanced knowledge. But that simply
opens the door for third party companies to issue "Windows Protector",
or somesuch that does the work for you.
0
Scott
5/11/2004 9:22:05 AM
In article <66e6f36b.0405041416.7f0ca7e5@posting.google.com>, 
Berrybear@gmx.net (Anton) wrote:
>How can there be so many Worms and Viruses affecting Windows only?

Do the maths.  90% (or thereabouts) of the desktop market is Windows, 10% is 
"other".  Figure out how quickly a virus would spread through the Windows 
machines, and how quickly it would spread through the other machines.  Then 
add on top of that the obvious cachet of "my virus is on millions of 
machines", rather than "my virus is running on Fred's and Dave's machines".

>Why does Windows execute every bit of code it can find in an email?

It doesn't.  Segregate, in your mind, the application from the operating 
system.  Windows doesn't do anything with email.  Applications do.  
Honestly, the email viruses doing the rounds right now got there because 
users were tricked into telling them to run.  You do know that some of these 
viruses even get the users to enter a password, right?  The flaw is not the 
OS, it's the user.

>I'm not an expert on exploits, but apparently Linux machines are less
>virus prone.

Technically?  No, they aren't.  There are no technical features in Linux 
that would protect it any more than Windows.  There are other factors:
1. [as noted above] it's far more brag-worthy to note that you've infected 
everyone in the neighbourhood and all over the world, than to note that 
you've infected a few people using a marginal operating system.
2. Most users on Linux have taken pains to educate themselves - in many 
cases, because they have to, but that's a whole 'nother argument.  As a 
result, they are perhaps less gullible, less likely to run random 
attachments.  Most Windows users don't want to know how their computer 
works, and will invest considerable effort at remaining ignorant of the 
insides of their computers.  [Not that this is such a bad thing - we can't 
all be experts.  I barely know which end of the car to pump fuel into.]
3. For a long time, Microsoft has been seen as an 'easy target'.  So, 
crackers start there.
4. Current viruses and worms are often seen, by their creators, as 
springboards for other operations - particularly spamming.  If you were an 
evil criminal slug, bent on spamming the crap out of everyone's email boxes, 
would you want to spam from 10% of the world, or from 90% of the world?
5. Virus and worm writers aren't exactly the sharpest knife in the drawer.  
To learn programming, they often have to struggle with the simplest concepts 
- as such, Visual Basic is a whole lot easier for them to start with than 
Perl or C.
6. Windows PCs are cheap and easy to come by.  Assuming crackers are 
randomly distributed among the computer using world, 90% of them will 
already be familiar with Windows, and use that as a starting point.

Other factors that are suggested, but are incorrect, include:
1. Linux users don't run as 'root'.  Windows users run as 'administrator' 
most of the time.  That's true, but largely irrelevant - most viruses use 
only user-level privileges to do their nasty work.
2. Linux users don't get to execute attachments at a single click.  Windows 
users can execute anything with a click from their email apps.  Again, 
that's true, but mostly irrelevant - as has been shown with the viruses that 
actually get the recipient to copy a password into a dialog box to unzip the 
attachment, and then run it with a double click.
3. Linux comes with source code - lots of people get to look at the code.  
Yeah, right, like that helps.  When's the last time you did an audit of the 
source code for the system you are running?  [Oh, and did you make sure to 
compile that source code up for yourself, to make sure that the binaries 
came from that source?  While we're at it, did you verify that the compiler 
wasn't rigged to infect the binaries it built?]  Seriously, most Linux users 
take what they're given without inspecting it, the same as most Windows 
users.

>Can some one tell me what the reason for that is, because it seems to
>be a major issue in the computer world and it puzzles me.

It is, as you are discovering, cause for a 'holy war' between the Linux fans 
and the Microsoft fans.  As a result, and because anyone disagreeing with 
one camp gets far-too-neatly pigeonholed in with the other camp, it's really 
difficult to tell what's truth and what's propaganda.

You can trust everything _I_ say, of course :-)

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
0
alun (74)
5/18/2004 2:28:21 PM
In article <c79tu7$svv$2@e250.ripco.com>, comphelp@toddh.net (Todd H.) 
wrote:
>But as for worms, paticuarly email borne
>worms and viruses, windows really takes the cheese on being victim to
>such malware by a huge proportion. 

Given that the "email borne worms and viruses" exploit social engineering 
rather than any technical flaws, it would appear that the problem has 
nothing to do with the technical features of the OS, and everything to do 
with the sheer number of users on the platform, and how many of them are 
dumb enough to fall for the virus.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
0
alun (74)
5/18/2004 2:28:21 PM
In article <2h2h901uhh30kg5fctflou880r37r1358b@4ax.com>, Jan Kannemacher 
<varros@gmx.de> wrote:
>That's not entirely correct. It is possible to download the patches
>without installing them. Not easy, though, this function leaves a lot to
>be desired.

Every month, MS holds a "security chat", where the head honcho of security 
answers a pile of questions.  I keep asking for "Windows Update on a disk", 
the ability to build a DVD-R to take to remote sites for patching without 
Internet access.  Maybe if other people asked for the same, it might get 
implemented - I'm only one voice.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
0
alun (74)
5/18/2004 2:28:21 PM
In article <610222aa.0405060943.1148e2a@posting.google.com>, 
jam9baugh@ix.netcom.com (James Baugh) wrote:
>An innocent person should not by simply double clicking an icon on
>a malicious e-mail end up with his entire system corrupted requiring
>a re-install.  This is a fault in the OS design.  

At which point is the fault?  The user has chosen to execute an application 
(probably because he was fooled into thinking it was safe).

Should the OS prevent the user from, say, installing Linux?  After all, that 
is going to start with an executable that overwrites his existing operating 
system.

So, maybe the fault is in allowing the user to run attachments - and that's 
been blocked by default in Outlook Express, the email client that comes with 
the OS, for some time now.

>It has its own problems including the extra time I must invest in learning
>how to make it work on my system.

That effort, that time, that education, is how you turned yourself into a 
non-fool for the operating system.  What you're asking for, in essence, is a 
mandatory level of computer literacy before an OS can be used.

If Windows were to disappear tomorrow, someone else would inherit all those 
"foolish" users.  And someone else would find that their tech support costs 
could be reduced by making the system easier for people to use.  The virus 
problem moves with the users, not with the OS.

>But I get what I pay for (or less) 
>and I'm not willing to fork out hundreds of dollars for a product which
>doesn't fit my general desires.  I'd rather spend thousands of dollars
>worth om my time with a raw product like the free linux's in order
>to get something close to what I want.

Good - operating systems are a personal choice, and you should feel free to 
use whichever one you feel is best for your needs.  I'd really like it if 
everyone learned a lot about their particular OS, too, so that they can use 
it better and protect themselves better.

However, there will always be naive users, and they will always need a 
measure of protection.  Consider how well Linux covers those users - if some 
people had their way, and Windows were to die out completely, where would 
those users go, and would they be adequately protected there?

>Someone someday is going to design a sensible PC arch and OS and then
>look out (or better yet buy stock!).

I'm intrigued by the NGSCB (used to be called Palladium) idea.  I don't 
think it's universally applicable, but it's not quite the bugbear I once 
thought it was.  It may even be an excellent idea.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
0
alun (74)
5/18/2004 2:28:26 PM
In article <Pine.BSI.4.58.0405091902220.25139@malasada.lava.net>, Joseph 
Fenn <jfenn@lava.net> wrote:
>your logic is totally irrational.  I too have been in and out of
>ml programming.  Your equally amiss ref costing and upgradeing.

Try my logic.  See if it works for you.

>Instead of annual upgrades of your windows stuff the slow hard way
>the only one who would suffer by haveing the OS in rom would be
>Mr Gates.   But then he could charge just as much for the upgrade
>roms each year and probably make a bundle in the process.   As to
>commercial useage I assume an office with 15 or 20 machines
>any tech they have in the company could replace prom chips in all
>20 of them in less than half an hour.

And for the enterprise with several thousand systems?

How frequently would these service packs come out?  Monthly?  Can you defend 
anything that costs you that much maintenance time every month?  Don't 
forget that this process would require a complete shutdown every time you do 
it.  No 'hot-patching'.

Note also that a software patch can be sent from developer to user in a very 
short time, and can, to a certain extent, be corrected if problems are 
discovered mid-stream.  Distributing millions of chips would be a 
significant time delay in the patching process.

[Granted, it would make an uninstall, in the event of a failure, much 
easier]

>The idea I am pushing
>is to help the Govt itself rid itself of the huge problem with
>virus attacks every couple of years.   In fact if things were
>done in ROM,  they could design future PC's with a little
>trap door on the back or side of the machine or tower where you
>just pop it open reach 2 fingers in and unlatch the old (last years)
>ROM chip and insert the new one in one minute or less.

So, you've fixed the OS (you think) - now, what about the applications that 
are generally the target of these viruses?  The only way you could reach the 
sort of thing you're aiming it is to have every piece of executable code 
locked down onto ROM.  But then you wouldn't be able to write batch files, 
or perl scrips, or anything like that, because those, too, are executable 
code, right?  They look, to the computer, like data files that cause 
executable code to follow different paths - but you're not fooled by that, 
are you?  They're really code.

So you can't quite make the separation you're looking for.  There will 
always be some code that is in RAM, and must remain in RAM, and is therefore 
vulnerable to viruses.

>The ones who would really suffer financially woult be all he
>Virus killer companies Nortins Thunderbyte, and the others.
>It would put them out of business actually.

If the anti-virus companies were serious about stopping viruses, then their 
goal would be to put themselves out of business.  Consider that for a 
moment.  The best way for an anti-virus company to stay in business is to 
ensure that the threat - or the perception of a threat - is always with us.

Symantec owns and moderates the Bugtraq mailing list.  The Bugtraq mailing 
list has seen more and more "proofs of concept" that are nothing more than 
thinly-disguised worm starter kits using the latest vulnerabilities.

Hmm...

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
0
alun (74)
5/18/2004 2:28:28 PM
In article <c7eoi9$9ld$0@208.20.133.66>, Bruce Barnett 
<spamhater95+U040506204844@grymoire.com> wrote:
>A good system understands the difference between code and data,
>expecially if data comes from an outside source. 

There is no such difference.  Data is nothing more than instructions to code 
on how to execute, what branches to follow, what functions to call.  In the 
simplest of cases (say, a text editor), there are only a few branches that 
data can affect.  In the most complex of cases (say, a Perl script, or a 
VBScript) there are multiple branches, and the line between data and code, 
if there ever was one, has obviously been crossed.

But no, you can't make a difference between code and data.  As soon as you 
operate on the data anything more sophisticated than "data comes in, data 
goes out"', as soon as you _process_ that data, you are allowing the data to 
control your code.  There are no well-defined edges between code and data.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
0
alun (74)
5/18/2004 2:28:32 PM
alun@texis.invalid (Alun Jones [MS MVP - Security]) writes:

>Given that the "email borne worms and viruses" exploit social engineering 
>rather than any technical flaws, it would appear that the problem has 
>nothing to do with the technical features of the OS, and everything to do 
>with the sheer number of users on the platform, and how many of them are 
>dumb enough to fall for the virus.

Not entirely true; the fact that MS-Windows doesn't have a hard
separation between "data" and "executable", it's much easier to do
"single click execution" for attachments; on other systems
you need to get the user to do stuff like: (save to file; chmod +x; ./program)

Casper
-- 
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.
0
Casper.Dik (660)
5/18/2004 3:39:42 PM
alun@texis.invalid (Alun Jones [MS MVP - Security]) writes:



]3. Linux comes with source code - lots of people get to look at the code.  
]Yeah, right, like that helps.  When's the last time you did an audit of the 
]source code for the system you are running?  [Oh, and did you make sure to 
]compile that source code up for yourself, to make sure that the binaries 
]came from that source?  While we're at it, did you verify that the compiler 
]wasn't rigged to infect the binaries it built?]  Seriously, most Linux users 
]take what they're given without inspecting it, the same as most Windows 
]users.

Of course it helps. You do not NEED every user to inspect their own
code. Only a few need to to protect everyone. And yes, a few do look
over it. And a few do compile their own and see differences. You do not
get the model at all. Openness protects even those who do not inspect
the source code.
And the protection is not against malicious distributors. I donot think
anyone is arguing that Microsoft is maliciously putting bugs into their
code, and trying to hide the fact. Without evidence to the contrary yes,
people will trust the distributor. But with open source any
maliciousness on the part of the distributor also has far too high a
probablility of being revealed for them to try it. 
Just as the fact that there is not a policeman stationed in every house
is irrelevant to an argument about whether the existence of police
protects the citizens or not. 

0
unruh (1025)
5/18/2004 4:07:13 PM
In article <40aa2e3e$0$33919$e4fe514c@news.xs4all.nl>, Casper H.S. Dik 
<Casper.Dik@Sun.COM> wrote:
>alun@texis.invalid (Alun Jones [MS MVP - Security]) writes:
>
>>Given that the "email borne worms and viruses" exploit social engineering 
>>rather than any technical flaws, it would appear that the problem has 
>>nothing to do with the technical features of the OS, and everything to do 
>>with the sheer number of users on the platform, and how many of them are 
>>dumb enough to fall for the virus.
>
>Not entirely true; the fact that MS-Windows doesn't have a hard
>separation between "data" and "executable", it's much easier to do
>"single click execution" for attachments; on other systems
>you need to get the user to do stuff like: (save to file; chmod +x; ./program)

Have you seen what current email viruses are doing?  To avoid scanning, they 
use zip files with encryption and a password in a gif image, to prevent the 
scanner from extracting the password.

So, to run this virus (and a huge number of people are, to judge by the 
number I receive in my inbox), a user has to open a zip file (admittedly, 
there's the single-click thing that I, too, dislike), then tell it to 
extract and run the executable, and finally, enter the password that they've 
read from the slightly scrambled gif image.

Tell me that this virus is spreading because it's too easy to run an 
executable.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
0
alun (74)
5/18/2004 5:46:10 PM
As I said in my original post.  OS in ROM is the answer.  Yes of course
your data files like EXCEL, WORD, Quicken, data could still suffer
or collapse, but then you do keep backups on your data to cd-r's dont
you?   No one can cream the mbr via virus if the OS is in ROM chips.
Email attachments might mess up your ISP address book, but even that
could be saved to a flopy or other storage device.  The very fact that
MS is 95% of the world computer users suggests that one well planted
monkey virus can cream that entire world population overnight.
Which is more difficult, restore the entire heart of the OS of a
system from scratch, or pull a few floppies out and restore your
personal data files in a half hour maybe.  Thats why LINUX, UNIX
and other systems have the advantage under the present state of
worldwide art of computering.  No feeling of satisfaction comes
to a virus creator that thinks he can kill the entire system
with one well planned mbr destructor if the mbr itself is in
ROM.
           Kokomo Joe
(I use a commodore 128 OS is in ROM)  I fear not the ornery guys)


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


0
jfenn (344)
5/18/2004 7:30:24 PM
Hi Alun.

alun@texis.invalid (Alun Jones [MS MVP - Security]) writes:

> In article <c7eoi9$9ld$0@208.20.133.66>, Bruce Barnett 
> <spamhater95+U040506204844@grymoire.com> wrote:
>>A good system understands the difference between code and data,
>>expecially if data comes from an outside source. 

When I say "system" I mean the entire design, not just the OS. Perhaps
this is why we disagree?

> There is no such difference.  Data is nothing more than instructions to code 
> on how to execute, 

The difference, AISI, is the decision to execute code.
Untrusted code should not be able to make that decision automatically.

Take a stack overflow: On the Solaris system, you can make the stack
non-executable. Application Stack Buffer overflows do not work. Period.

>  In the most complex of cases (say, a Perl script, or a VBScript)
> there are multiple branches, and the line between data and code, if
> there ever was one, has obviously been crossed.

Perl has a mechanism to tag data that came from non-trusted
sources. Certain operations cannot be executed because the data is
tainted.  It's not foolproof, and user errors in Perl coding can
occur, but I suspect it's easier for a beginner to write safe Perl
code than it is to write secure C code.

> But no, you can't make a difference between code and data.  As soon
> as you operate on the data anything more sophisticated than "data
> comes in, data goes out"', as soon as you _process_ that data, you
> are allowing the data to control your code.  There are no
> well-defined edges between code and data.

You haven't convinced me.  Yes, data can cause an application to
consume resources. But the OS should prevent resource abuse.  If data
causes the application to become corrupt, then the overall design is at
fault. Any design that allows data to gain unauthorized privileges is
flawed, from a security perspective.

Here's another example: A compartmented-mode workstation.  Unless you
have human error, no data can gain access to another higher level
compartment. So not only is data isolated, so is code.

Human error is, and always be an issue. If that is your point, I
agree. But I also believe the OS/GUI can do a better job of helping
the user make those decisions.

-- 
Sending unsolicited commercial e-mail to this account incurs a fee of 
$500 per message, and acknowledges the legality of this contract.
0
5/18/2004 7:37:24 PM
Hi Alun.

alun@texis.invalid (Alun Jones [MS MVP - Security]) writes:

> In article <c7eoi9$9ld$0@208.20.133.66>, Bruce Barnett 
> <spamhater95+U040506204844@grymoire.com> wrote:
>>A good system understands the difference between code and data,
>>expecially if data comes from an outside source. 

When I say "system" I mean the entire design, not just the OS. Perhaps
this is why we disagree?

> There is no such difference.  Data is nothing more than instructions to code 
> on how to execute, 

The difference, AISI, is the decision to execute code.
Untrusted code should not be able to make that decision automatically.

Take a stack overflow: On the Solaris system, you can make the stack
non-executable. Application Stack Buffer overflows do not work. Period.

>  In the most complex of cases (say, a Perl script, or a VBScript)
> there are multiple branches, and the line between data and code, if
> there ever was one, has obviously been crossed.

Perl has a mechanism to tag data that came from non-trusted
sources. Certain operations cannot be executed because the data is
tainted.  It's not foolproof, and user errors in Perl coding can
occur, but I suspect it's easier for a beginner to write safe Perl
code than it is to write secure C code.

> But no, you can't make a difference between code and data.  As soon
> as you operate on the data anything more sophisticated than "data
> comes in, data goes out"', as soon as you _process_ that data, you
> are allowing the data to control your code.  There are no
> well-defined edges between code and data.

You haven't convinced me.  Yes, data can cause an application to
consume resources. But the OS should prevent resource abuse.  If data
causes the application to become corrupt, then the overall design is at
fault. Any design that allows data to gain unauthorized privileges is
flawed, from a security perspective.

Here's another example: A compartmented-mode workstation.  Unless you
have human error, no data can gain access to another higher level
compartment. So not only is data isolated, so is code.

Human error is, and always be an issue. If that is your point, I
agree. But I also believe the OS/GUI can do a better job of helping
the user make those decisions.

-- 
Sending unsolicited commercial e-mail to this account incurs a fee of 
$500 per message, and acknowledges the legality of this contract.
0
5/18/2004 7:37:59 PM
alun@texis.invalid (Alun Jones [MS MVP - Security]) writes:

]In article <40aa2e3e$0$33919$e4fe514c@news.xs4all.nl>, Casper H.S. Dik 
]<Casper.Dik@Sun.COM> wrote:
]>alun@texis.invalid (Alun Jones [MS MVP - Security]) writes:
]>
]>>Given that the "email borne worms and viruses" exploit social engineering 
]>>rather than any technical flaws, it would appear that the problem has 
]>>nothing to do with the technical features of the OS, and everything to do 
]>>with the sheer number of users on the platform, and how many of them are 
]>>dumb enough to fall for the virus.
]>
]>Not entirely true; the fact that MS-Windows doesn't have a hard
]>separation between "data" and "executable", it's much easier to do
]>"single click execution" for attachments; on other systems
]>you need to get the user to do stuff like: (save to file; chmod +x; ./program)

]Have you seen what current email viruses are doing?  To avoid scanning, they 
]use zip files with encryption and a password in a gif image, to prevent the 
]scanner from extracting the password.

]So, to run this virus (and a huge number of people are, to judge by the 
]number I receive in my inbox), a user has to open a zip file (admittedly, 
]there's the single-click thing that I, too, dislike), then tell it to 
]extract and run the executable, and finally, enter the password that they've 
]read from the slightly scrambled gif image.

Yes, such social engineering works. So? Just because a procedure is not
foolproof does not mean it is not worthwhile. If all trojans came in
such containers, the prevalence of worms would drop, not to zero but to
a very low level.


]Tell me that this virus is spreading because it's too easy to run an 
]executable.

Difficulty is not a panacea. It is an impediment. That is what we need. 
You are of the opinion that police should be fired and all laws removed
since they do not absolutely prevent crime? 

YOur position is like "People should lock their doors". "Nonesense--
didn't you hear about the criminals who broke into a bank vault, and
that is after all far harder than getting into any locked door. Locked
doors are irrelevant to crime".


0
unruh (1025)
5/18/2004 7:49:32 PM
In article <Pine.BSI.4.58.0405180918410.29421@malasada.lava.net>, 
jfenn@lava.net says...
> As I said in my original post.  OS in ROM is the answer.  Yes of course
> your data files like EXCEL, WORD, Quicken, data could still suffer
> or collapse, but then you do keep backups on your data to cd-r's dont
> you?

Flaws in apps is what it's all about. The kernel for Linux is reasonably 
secure, but there are many flaws with the apps added to it - the same is 
true with any OS. Even Apple is having problems now.

>   No one can cream the mbr via virus if the OS is in ROM chips.

They can't get to the MBR now, at least if you enable VIRUS detection in 
the BIOS or if you run a good AV software package.

> Email attachments might mess up your ISP address book, but even that
> could be saved to a flopy or other storage device.  The very fact that

E-Mail attachments would be every bit a problem that they are now. 
Nothing would change by moving the OS to a ROM.

> MS is 95% of the world computer users suggests that one well planted
> monkey virus can cream that entire world population overnight.

Not true, it's already been tried. In most cases it only infects the 
ignorant users (including businesses that don't have a real security 
manager/team). For those people, once bitten often means they see the 
light and correct it. For the ignorant home user, the ROM would not save 
them in any way.

> Which is more difficult, restore the entire heart of the OS of a
> system from scratch, or pull a few floppies out and restore your
> personal data files in a half hour maybe.

A quick restore CD does the same for most users - most companies ship QR 
CD's with their machines, just insert, press power button, wait, answer 
a few questions, done.

>  Thats why LINUX, UNIX
> and other systems have the advantage under the present state of
> worldwide art of computering.

Nope, no advantage for people listed above, in fact, most of them, home 
users, won't even be able to do the QR let alone a nix install. If they 
can, a QR CD set that is specifically going to restore their system to 
"like bought" state is going to be better than a Nix platform CD 
rebuild.

>  No feeling of satisfaction comes
> to a virus creator that thinks he can kill the entire system
> with one well planned mbr destructor if the mbr itself is in
> ROM.

You're still in the old days, most infections don't even look at the 
MBR, don't care about it, and good virus writers know that there are so 
many other things to infect. Heck, if they just infected a simple app it 
would do more than a MBR that's easy to detect.

ROM is not the answer to any question - educating users and ISP's that 
take responsibility for their EMAIL systems and inbound traffic on 
residential networks is the answer.

-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
0
void9321 (1523)
5/18/2004 7:50:58 PM
Bruce Barnett <spamhater95+U040518143634@grymoire.com> writes:
> Perl has a mechanism to tag data that came from non-trusted
> sources. Certain operations cannot be executed because the data is
> tainted.  It's not foolproof, and user errors in Perl coding can
> occur, but I suspect it's easier for a beginner to write safe Perl
> code than it is to write secure C code.

the converse is true ... anybody (beginner or not) can write unsafe C
code ... detailed analysis at least in the 80s identified the
traditional string handling library functions with implicity lengths
as creating an extrodinarily unsafe environment. somewhat like when
the hew came into farming environment and mandating all farm equipment
needed protection because even experience farmers where getting caught
in one thing or another. the standard C string library functions and
string handling paradigm is hazardous equipment.

detailed vulnerability analysis in the late 80s predicated that C
language environment would have a factor of ten times to hundred times
more buffer length related problems than other program environments
with better length handling paradigms (because of the standard length
handling paradigm that was part of the standard C environment).

something like 30 years ago, mid-70s, a situation was analysed and
documented regarding vulernability allowing exectuable code of any
kind to arrive over a network interface.

computing paradigm from the 60s was systems where all software and
programs were relatively carefully vented and installed by experienced
and trained stated. ordinary people might be able to use such systems,
but didn't actually write code &/or install executables. the problem
that started appearing with various time-sharing systems in the 70s
that supported personal computing ... was that some of them actually
allowed end-users to introduce executable code.

The other characteristic is that most of these time-sharing systems
from the 70s (or earlier) at least started with the basic premise in
their design that they had to protect different users from each other.
That permeated the basic design through-out the system.

The stand-alone, dedicated personal computers from the 80s had none of
these problems ... they didn't require partitioning that protected a
very large number of different users from each other ... and they
didn't have to worry about foreign and possibly hostile executables
arriving over any network.

There are two somewhat different vulnerabilities:

1) huge number of compromises because of fundamental flaw in the
   length paradigm used in C language

2) partitioning and security features that needed to a) isolate
different local users from each other and eventually b) isolate a user
from a foreign and hostile network environment

so there is some analogy to automobiles. long ago and far away
.... automobiles required drivers that were trained in all the quirks
and mechanics of an automobile. the problem was eventually that
somebody wanted to sell everybody a car ... but there wasn't enuf
personal chauffer/mechanics for everybody to have a car. they had to
come up cars that people could operate themselves w/o requiring a
personal chauffer/mechanic.

so if everybody was going to operate their own car ... they eventually
had to

1) require a minimum of expertise ... so there were mandated training
and licensing programs

2) require a huge amount of mandated safety features 

4) have institutonalized vehicle safety checks

3) have a bunch of laws that could charge people with a) reckless
operation of a vehicle and/or b) operation of an unsafe vehicle. This
could confiscate their vehicle and take away their driving rights.  It
didn't matter whether people knew anything about the mechanics of a
car or not ... they were still liable for operating an unsafe vehicle.

now these are applicable for operation of a vehicle in a public
environment. if you have a vehicle that you will only operate in your
backyard and never bring into a public environment you aren't subject
to most of the regulations.

recent post about looking at entries in CVE database:
http://www.garlic.com/~lynn/2004e.html#43 security taxonomy and CVE

collection of past posts about all kinds of vulnerabilities, exploits, and
fraud:
http://www.garlic.com/~lynn/subpubkey.html#fraud
collection of past posts related somewhat to the reverse ... assurance
http://www.garlic.com/~lynn/subpubkey.html#assurance


all sort of random past threads mentioning the length issue and buffer overflow
exploits:
http://www.garlic.com/~lynn/99.html#219 Study says "buffer overflow" is most common security bug
http://www.garlic.com/~lynn/2000.html#30 Computer of the century
http://www.garlic.com/~lynn/2000g.html#50 Egghead cracked, MS IIS again
http://www.garlic.com/~lynn/2001n.html#30 FreeBSD more secure than Linux
http://www.garlic.com/~lynn/2001n.html#71 Q: Buffer overflow
http://www.garlic.com/~lynn/2001n.html#72 Buffer overflow
http://www.garlic.com/~lynn/2001n.html#76 Buffer overflow
http://www.garlic.com/~lynn/2001n.html#84 Buffer overflow
http://www.garlic.com/~lynn/2001n.html#90 Buffer overflow
http://www.garlic.com/~lynn/2001n.html#91 Buffer overflow
http://www.garlic.com/~lynn/2001n.html#93 Buffer overflow
http://www.garlic.com/~lynn/2002.html#4 Buffer overflow
http://www.garlic.com/~lynn/2002.html#19 Buffer overflow
http://www.garlic.com/~lynn/2002.html#20 Younger recruits versus experienced veterans  ( was Re: The demise of compa
http://www.garlic.com/~lynn/2002.html#23 Buffer overflow
http://www.garlic.com/~lynn/2002.html#24 Buffer overflow
http://www.garlic.com/~lynn/2002.html#26 Buffer overflow
http://www.garlic.com/~lynn/2002.html#27 Buffer overflow
http://www.garlic.com/~lynn/2002.html#28 Buffer overflow
http://www.garlic.com/~lynn/2002.html#29 Buffer overflow
http://www.garlic.com/~lynn/2002.html#32 Buffer overflow
http://www.garlic.com/~lynn/2002.html#33 Buffer overflow
http://www.garlic.com/~lynn/2002.html#34 Buffer overflow
http://www.garlic.com/~lynn/2002.html#35 Buffer overflow
http://www.garlic.com/~lynn/2002.html#37 Buffer overflow
http://www.garlic.com/~lynn/2002.html#38 Buffer overflow
http://www.garlic.com/~lynn/2002.html#39 Buffer overflow
http://www.garlic.com/~lynn/2002i.html#62 subjective Q. - what's the most secure OS?
http://www.garlic.com/~lynn/2002l.html#42 Thirty Years Later: Lessons from the Multics Security Evaluation
http://www.garlic.com/~lynn/2002l.html#45 Thirty Years Later: Lessons from the Multics Security Evaluation
http://www.garlic.com/~lynn/2002m.html#8 Backdoor in AES ?
http://www.garlic.com/~lynn/2002m.html#10 Backdoor in AES ?
http://www.garlic.com/~lynn/2002m.html#58 The next big things that weren't
http://www.garlic.com/~lynn/2002p.html#6 unix permissions
http://www.garlic.com/~lynn/2003i.html#59 grey-haired assembler programmers (Ritchie's C)
http://www.garlic.com/~lynn/2003j.html#4 A Dark Day
http://www.garlic.com/~lynn/2003j.html#8 A Dark Day
http://www.garlic.com/~lynn/2003j.html#20 A Dark Day
http://www.garlic.com/~lynn/2003k.html#64 C & reliability: Was "The Incredible Shrinking Legacy"
http://www.garlic.com/~lynn/2003l.html#2 S/360 Engineering Changes
http://www.garlic.com/~lynn/2003n.html#14 Poor people's OS?
http://www.garlic.com/~lynn/2003o.html#6 perfomance vs. key size
http://www.garlic.com/~lynn/2003o.html#20 IS CP/M an OS?
http://www.garlic.com/~lynn/2003o.html#25 Any experience with "The Last One"?
http://www.garlic.com/~lynn/2003o.html#50 Pub/priv key security
http://www.garlic.com/~lynn/2004.html#30 Threat of running a web server?


-- 
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
0
lynn13 (400)
5/18/2004 8:43:29 PM
Attn Spamfree in Ohio.
Appears you have'nt seen a newspaper in past few years, nor
TV announcements of world/wide virus'.  In what part of Mongolia
do you reside????   Those worlwide interrupts were no joke and
took down US govt machines right along with that 95% figure
pc windows users worldwide.  Monkey virus can and do appear
often and it works by destroying the mbr.   If your lucky enuff
to have updated your Nortins anti-virus just in time, you might
be covered.   If its a new one the virus killers have'nt seen before
watch out man your playing jeapordy!
OS in ROM way to go for all computers!!!!!!!!!!
                    Kokomo Joe


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


On Tue, 18 May 2004, Leythos wrote:

> In article <Pine.BSI.4.58.0405180918410.29421@malasada.lava.net>,
> jfenn@lava.net says...
> > As I said in my original post.  OS in ROM is the answer.  Yes of course
> > your data files like EXCEL, WORD, Quicken, data could still suffer
> > or collapse, but then you do keep backups on your data to cd-r's dont
> > you?
>
> Flaws in apps is what it's all about. The kernel for Linux is reasonably
> secure, but there are many flaws with the apps added to it - the same is
> true with any OS. Even Apple is having problems now.
>
> >   No one can cream the mbr via virus if the OS is in ROM chips.
>
> They can't get to the MBR now, at least if you enable VIRUS detection in
> the BIOS or if you run a good AV software package.
>
> > Email attachments might mess up your ISP address book, but even that
> > could be saved to a flopy or other storage device.  The very fact that
>
> E-Mail attachments would be every bit a problem that they are now.
> Nothing would change by moving the OS to a ROM.
>
> > MS is 95% of the world computer users suggests that one well planted
> > monkey virus can cream that entire world population overnight.
>
> Not true, it's already been tried. In most cases it only infects the
> ignorant users (including businesses that don't have a real security
> manager/team). For those people, once bitten often means they see the
> light and correct it. For the ignorant home user, the ROM would not save
> them in any way.
>
> > Which is more difficult, restore the entire heart of the OS of a
> > system from scratch, or pull a few floppies out and restore your
> > personal data files in a half hour maybe.
>
> A quick restore CD does the same for most users - most companies ship QR
> CD's with their machines, just insert, press power button, wait, answer
> a few questions, done.
>
> >  Thats why LINUX, UNIX
> > and other systems have the advantage under the present state of
> > worldwide art of computering.
>
> Nope, no advantage for people listed above, in fact, most of them, home
> users, won't even be able to do the QR let alone a nix install. If they
> can, a QR CD set that is specifically going to restore their system to
> "like bought" state is going to be better than a Nix platform CD
> rebuild.
>
> >  No feeling of satisfaction comes
> > to a virus creator that thinks he can kill the entire system
> > with one well planned mbr destructor if the mbr itself is in
> > ROM.
>
> You're still in the old days, most infections don't even look at the
> MBR, don't care about it, and good virus writers know that there are so
> many other things to infect. Heck, if they just infected a simple app it
> would do more than a MBR that's easy to detect.
>
> ROM is not the answer to any question - educating users and ISP's that
> take responsibility for their EMAIL systems and inbound traffic on
> residential networks is the answer.
>
> --
> --
> spamfree999@rrohio.com
> (Remove 999 to reply to me)
>
0
jfenn (344)
5/18/2004 11:22:24 PM
In article <Pine.BSI.4.58.0405181316120.1912@malasada.lava.net>, 
jfenn@lava.net says...
> Attn Spamfree in Ohio.
> Appears you have'nt seen a newspaper in past few years, nor
> TV announcements of world/wide virus'.  In what part of Mongolia
> do you reside????   Those worlwide interrupts were no joke and
> took down US govt machines right along with that 95% figure
> pc windows users worldwide.  Monkey virus can and do appear
> often and it works by destroying the mbr.   If your lucky enuff
> to have updated your Nortins anti-virus just in time, you might
> be covered.   If its a new one the virus killers have'nt seen before
> watch out man your playing jeapordy!
> OS in ROM way to go for all computers!!!!!!!!!!
>                     Kokomo Joe

In my area of the world we know enough to bottom post :)

Those machines were not configured properly - their BIOS was not set to 
protect the MBR - same problem would happen with your ROM version - they 
would just find a virus that would infect the BIOS (they can program 
those now you know) with a boot loader. They could also infect every 
application on the computer, which would not be protected by your ROM 
idea.

Come back when you have a workable solution for the masses.

-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
0
void9321 (1523)
5/18/2004 11:58:22 PM
Spamfree
You obviously dont understand how computers work.  ROM cannot be
written to  except with an infrared rom burning tool.  BIOS and
MBR can both be written to (or flashed for bios).   I am a top
poster, not bottom.  I dont wanna read the same drivel over and over
so I just read it once and post at the top and head for another
group!.
          Kokomo Joe


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


On Tue, 18 May 2004, Leythos wrote:

> In article <Pine.BSI.4.58.0405181316120.1912@malasada.lava.net>,
> jfenn@lava.net says...
> > Attn Spamfree in Ohio.
> > Appears you have'nt seen a newspaper in past few years, nor
> > TV announcements of world/wide virus'.  In what part of Mongolia
> > do you reside????   Those worlwide interrupts were no joke and
> > took down US govt machines right along with that 95% figure
> > pc windows users worldwide.  Monkey virus can and do appear
> > often and it works by destroying the mbr.   If your lucky enuff
> > to have updated your Nortins anti-virus just in time, you might
> > be covered.   If its a new one the virus killers have'nt seen before
> > watch out man your playing jeapordy!
> > OS in ROM way to go for all computers!!!!!!!!!!
> >                     Kokomo Joe
>
> In my area of the world we know enough to bottom post :)
>
> Those machines were not configured properly - their BIOS was not set to
> protect the MBR - same problem would happen with your ROM version - they
> would just find a virus that would infect the BIOS (they can program
> those now you know) with a boot loader. They could also infect every
> application on the computer, which would not be protected by your ROM
> idea.
>
> Come back when you have a workable solution for the masses.
>
> --
> --
> spamfree999@rrohio.com
> (Remove 999 to reply to me)
>
0
jfenn (344)
5/19/2004 2:16:47 AM
In article <Pine.BSI.4.58.0405181613100.15414@malasada.lava.net>, 
jfenn@lava.net says...
> Spamfree
> You obviously dont understand how computers work.  ROM cannot be
> written to  except with an infrared rom burning tool.  BIOS and
> MBR can both be written to (or flashed for bios).   I am a top
> poster, not bottom.  I dont wanna read the same drivel over and over
> so I just read it once and post at the top and head for another
> group!.

Joe, I was designing computers before you were born, and even 
programming/erasing PROMS before you could spell ROM. The ROM won't stop 
the virus/infection because there is so much more to a PC than the OS. 
You can't possibly get people to buy/use a system that doesn't let them 
save/store data and that doesn't let them add to it. That ADD TO IT part 
is what will get infected - they don't need to infect the OS to spread a 
virus.

Just how to you think your ROM idea will stop this:

1) User boots system
2) User launches Outlook 4000
3) Outlook, infected the other day, starts sending infected email to 
everyone in the users address book
4) Infected Outlook gets updates from virus host on new plan of attack
5) Infected Outlook starts another spread/attack
6) User shuts down computer after checking email
7) Repeat steps 1-6 every day.



>           Kokomo Joe
> 
> 
> ****************************************************
> * Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
> ****************************************************
> 
> 
> On Tue, 18 May 2004, Leythos wrote:
> 
> > In article <Pine.BSI.4.58.0405181316120.1912@malasada.lava.net>,
> > jfenn@lava.net says...
> > > Attn Spamfree in Ohio.
> > > Appears you have'nt seen a newspaper in past few years, nor
> > > TV announcements of world/wide virus'.  In what part of Mongolia
> > > do you reside????   Those worlwide interrupts were no joke and
> > > took down US govt machines right along with that 95% figure
> > > pc windows users worldwide.  Monkey virus can and do appear
> > > often and it works by destroying the mbr.   If your lucky enuff
> > > to have updated your Nortins anti-virus just in time, you might
> > > be covered.   If its a new one the virus killers have'nt seen before
> > > watch out man your playing jeapordy!
> > > OS in ROM way to go for all computers!!!!!!!!!!
> > >                     Kokomo Joe
> >
> > In my area of the world we know enough to bottom post :)
> >
> > Those machines were not configured properly - their BIOS was not set to
> > protect the MBR - same problem would happen with your ROM version - they
> > would just find a virus that would infect the BIOS (they can program
> > those now you know) with a boot loader. They could also infect every
> > application on the computer, which would not be protected by your ROM
> > idea.
> >
> > Come back when you have a workable solution for the masses.
> >
> > --
> > --
> > spamfree999@rrohio.com
> > (Remove 999 to reply to me)
> >
> 

-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
0
void9321 (1523)
5/19/2004 2:47:31 AM
["Followup-To:" header set to comp.os.ms-windows.misc.]
On 2004-05-18, Joseph Fenn <jfenn@lava.net> wrote:

> As I said in my original post.  OS in ROM is the answer.  Yes of course
> your data files like EXCEL, WORD, Quicken, data could still suffer
> or collapse, but then you do keep backups on your data to cd-r's dont
> you?   No one can cream the mbr via virus if the OS is in ROM chips.

	[...]

> Thats why LINUX, UNIX
> and other systems have the advantage under the present state of
> worldwide art of computering.  No feeling of satisfaction comes
> to a virus creator that thinks he can kill the entire system
> with one well planned mbr destructor if the mbr itself is in
> ROM.

Boot sector viruses are a very small minority of those active these days.  
Virus writers and spammers appear to have formed an alliance of sorts.  
The most profilic viruses now are ones that exploit a security hole to 
install a back door that can be used to proxy spam or launch DDoS attacks.  
There's even a flourishing black market in spam proxies.

-- 

-John (john@os2.dhs.org)
0
john5722 (447)
5/19/2004 3:59:51 AM
["Followup-To:" header set to comp.os.ms-windows.misc.]
On 2004-05-19, Joseph Fenn <jfenn@lava.net> wrote:

> You obviously dont understand how computers work.  ROM cannot be
> written to  except with an infrared rom burning tool.  BIOS and
> MBR can both be written to (or flashed for bios).   I am a top
> poster, not bottom.  I dont wanna read the same drivel over and over
> so I just read it once and post at the top and head for another
> group!.

If you don't like to read it all, what makes you think everybody does?  

If you're going to top-post, at least make the effort to remove the 
surplus verbiage beneath your contribution.

-- 

-John (john@os2.dhs.org)
0
john5722 (447)
5/19/2004 3:59:51 AM
["Followup-To:" header set to comp.os.ms-windows.misc.]
On 2004-05-18, Alun Jones [MS MVP - Security] <alun@texis.invalid> wrote:

>>I'm not an expert on exploits, but apparently Linux machines are less
>>virus prone.

> Technically?  No, they aren't.  There are no technical features in Linux 
> that would protect it any more than Windows.  

At least in *nix you don't run user processes in kernel space.  If 
something manages to exploit a user process, it can only cause trouble for 
that user; it doesn't take the whole system down with it.

-- 

-John (john@os2.dhs.org)
0
john5722 (447)
5/19/2004 3:59:52 AM
alun@texis.invalid (Alun Jones [MS MVP - Security]) wrote:

>Every month, MS holds a "security chat", where the head honcho of security 
>answers a pile of questions.  I keep asking for "Windows Update on a disk", 
>the ability to build a DVD-R to take to remote sites for patching without 
>Internet access.  Maybe if other people asked for the same, it might get 
>implemented - I'm only one voice.

They would probably answer that it's no trouble to download the patches
and put them on a CD or DVD...




JK'04
0
varros (4)
5/19/2004 6:02:36 AM
Joseph Fenn wrote:
> As I said in my original post.  OS in ROM is the answer.  Yes of course
> your data files like EXCEL, WORD, Quicken, data could still suffer
> or collapse, but then you do keep backups on your data to cd-r's dont
> you?   No one can cream the mbr via virus if the OS is in ROM chips.

That's very drastic solution. It limits admins to manupulate with 
system programs.

But there has been better solution yet. I'm talking about user accounts. 
If you install software as adminstrator and then login for normal use as 
normal user, you can't write into system area. That's usual in UNIX 
world. But working under superuser identity every time is insecure and 
irresponsible.

I see almost users work with supperuser proviledge. The people have no 
idea about security. That's one of the biggest security problem in these 
days.

--Petr
0
xpisar (17)
5/19/2004 9:24:51 AM
Joseph Fenn <jfenn@lava.net> writes:

> As I said in my original post.  OS in ROM is the answer.  


And how many lines of code are in the Kernel?
I hear Windows NT has 1 million lines of code.
How much ROM is needed?

> (I use a commodore 128 OS is in ROM)  I fear not the ornery guys)


-- 
Sending unsolicited commercial e-mail to this account incurs a fee of 
$500 per message, and acknowledges the legality of this contract.
0
5/19/2004 11:06:21 AM
Joseph Fenn <jfenn@lava.net> writes:

> As I said in my original post.  OS in ROM is the answer.  

So the solution to bug fixes is to buy a new machine, eh?  It gives
you guaranteed obsolescence, because the number of bugs will be
constant and proportional to the size of the code.

You do realize that a major cost of each system is the software?  You
won't see a $200 PC running Windows. ROM costs more, so the price will
rise to cover the cost. So a ROM-based Windows PC costs twice as much,
and is obsolete before you buy it. Oh yeah. I'll buy one of
those....

-- 
Sending unsolicited commercial e-mail to this account incurs a fee of 
$500 per message, and acknowledges the legality of this contract.
0
5/19/2004 11:22:03 AM
Leythos <void@nowhere.com> writes:

> Just how to you think your ROM idea will stop this:
>
> 1) User boots system
> 2) User launches Outlook 4000
> 3) Outlook, infected the other day, starts sending infected email to 
> everyone in the users address book
> 4) Infected Outlook gets updates from virus host on new plan of attack
> 5) Infected Outlook starts another spread/attack
> 6) User shuts down computer after checking email
> 7) Repeat steps 1-6 every day.


Solution:

        1) User buys new System
        2) User boots up system
        3) System gets infected
        4) go back to 1


-- 
Sending unsolicited commercial e-mail to this account incurs a fee of 
$500 per message, and acknowledges the legality of this contract.
0
5/19/2004 11:54:04 AM
In article <c8fhss$jq4$0@208.20.133.66>, spamhater95+U040519075120
@grymoire.com says...
> Leythos <void@nowhere.com> writes:
> 
> > Just how to you think your ROM idea will stop this:
> >
> > 1) User boots system
> > 2) User launches Outlook 4000
> > 3) Outlook, infected the other day, starts sending infected email to 
> > everyone in the users address book
> > 4) Infected Outlook gets updates from virus host on new plan of attack
> > 5) Infected Outlook starts another spread/attack
> > 6) User shuts down computer after checking email
> > 7) Repeat steps 1-6 every day.
> 
> 
> Solution:
> 
>         1) User buys new System
>         2) User boots up system
>         3) System gets infected
>         4) go back to 1

I think we're in agreement here - I was against the ROM idea since it's 
completely impractical. My point in showing the 7 steps was to indicate 
how easy it would be to infect the computer without touching the OS.

I doubt that he's going to give up on the ROM idea, he can't see that it 
won't prevent anything.

-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
0
void9321 (1523)
5/19/2004 1:01:50 PM
In article <c8dpcc$k5t$1@string.physics.ubc.ca>, unruh@string.physics.ubc.ca 
(Bill Unruh) wrote:
>Yes, such social engineering works. So? Just because a procedure is not
>foolproof does not mean it is not worthwhile. If all trojans came in
>such containers, the prevalence of worms would drop, not to zero but to
>a very low level.

I'm not arguing that it merely works - I'm arguing that it works 
sufficiently well that the prevalence of email viruses would not drop 
significantly at all.  The flaw is with the user, not the system, and the 
flaw can only be fixed where it is.  Put more effort into educating users.

>Difficulty is not a panacea. It is an impediment. That is what we need. 
>You are of the opinion that police should be fired and all laws removed
>since they do not absolutely prevent crime? 

Arguing using analogies is like taking refuge behind a chocolate fireguard.

>YOur position is like "People should lock their doors". "Nonesense--
>didn't you hear about the criminals who broke into a bank vault, and
>that is after all far harder than getting into any locked door. Locked
>doors are irrelevant to crime".

No, my position is more like "email viruses spread as fast and as far even 
if they require such difficulty - and more - in their own distribution; 
hence, requiring such difficulty in the application would not hamper email 
viruses."

Quite frankly, until a few weeks ago, I'd have been on your side - 
single-click to launch attachments is a significantly easy way to get 
yourself into trouble.  However, it appears that viruses are not launched by 
accidental mouse-slips as often as they are launched by people who really 
think that the message is for them, and will jump through any hoops to get 
it.

I'm starting to wonder if a virus that said "write this information down, 
type it into an email and send it to all your friends" wouldn't be just as 
successful.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
0
alun (74)
5/19/2004 5:26:45 PM
In article <slrncalkoa.5ln.john@starfleet.os2.dhs.org>, 
JohnThompson@new.rr.com wrote:
>["Followup-To:" header set to comp.os.ms-windows.misc.]
>On 2004-05-18, Alun Jones [MS MVP - Security] <alun@texis.invalid> wrote:
>> Technically?  No, they aren't.  There are no technical features in Linux 
>> that would protect it any more than Windows.  
>
>At least in *nix you don't run user processes in kernel space.  If 
>something manages to exploit a user process, it can only cause trouble for 
>that user; it doesn't take the whole system down with it.

You appear to have ignored everything else I wrote.  So I'll write it again, 
a little more clearly.  Perhaps you don't have any experience with Windows, 
and if that is the case, it would probably be a good idea to stop making 
assertions about its behaviour.  [Then again, since I don't have wide 
experience with Linux, maybe I should do the same :-)]

Windows user processes do not run in kernel space, either.  It is an 
unfortunate fact that many users choose to run as Administrator (or an 
equivalent account), and it is an equally unfortunate act that many 
applications unnecessarily demand Administrator rights of their users.  This 
is an indictment of the users, and of those particular application 
developers; it is not a flaw in the operating system.  It is not a flaw in 
Windows.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.
0
alun
5/19/2004 5:26:46 PM
Spamfree
Just spell it out.  ROM (read only not writeable)
RAM (welcome to all do what you wish)
None of the old 8 bit computers ATari Kaypro, TRASH80, Commodore,
Timex Sinclair, Pet, VIC had OS in RAM.
If you as you claim were into computers before I was born, then that
would make you about 102 as of now.     That could also present a
brain 102 years old which could explain all this.
                          Joe


****************************************************
* Ham KH6JF AARS/MARS ABM6JF QCWA WW2 VET WD RADIO *
****************************************************


0
jfenn (344)
5/19/2004 7:13:56 PM
"Alun Jones [MS MVP - Security]" <alun@texis.invalid> wrote in message
news:pNMqc.2025$hw2.760@newssvr23.news.prodigy.com...
> In article <c8dpcc$k5t$1@string.physics.ubc.ca>,
unruh@string.physics.ubc.ca
> (Bill Unruh) wrote:
> >Yes, such social engineering works. So? Just because a procedure is not
> >foolproof does not mean it is not worthwhile. If all trojans came in
> >such containers, the prevalence of worms would drop, not to zero but to
> >a very low level.
>
>
> I'm starting to wonder if a virus that said "write this information down,
> type it into an email and send it to all your friends" wouldn't be just as
> successful.

You left out the step instructing them to delete some system file just
before sending the bulk e-mail, and then re-booting.

JW


0
westy528 (115)
5/19/2004 8:19:17 PM
In article <Pine.BSI.4.58.0405190910010.14618@malasada.lava.net>, 
jfenn@lava.net says...
> Spamfree
> Just spell it out.  ROM (read only not writeable)
> RAM (welcome to all do what you wish)
> None of the old 8 bit computers ATari Kaypro, TRASH80, Commodore,
> Timex Sinclair, Pet, VIC had OS in RAM.
> If you as you claim were into computers before I was born, then that
> would make you about 102 as of now.     That could also present a
> brain 102 years old which could explain all this.

I got news for you - I loaded programs via tape on my PET2001 when it 
came out. Sure the OS was on EPROM (I know, I burned a new set when 
Commodore sent us the beta updates). Once again, your ROM idea is a 
false sense of security.

In order for a computer to be used by people it's going to need a hard 
drive and applications. If they apps are stored on the drive, then they 
can be infected - notice, I never said the ROM could be infected. I say 
that your ROM idea is all wet because the apps and items on the drive 
could be infected and the ROM based OS would not mean crap to those 
infected apps.

Now, if you are saying that the computer will not have ANY drives, only 
ROM and RAM, then you are mistaken if you think people will use it.

-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
0
void9321 (1523)
5/19/2004 9:34:32 PM
In comp.security.misc Joseph Fenn <jfenn@lava.net> wrote:
> Spamfree
> Just spell it out.  ROM (read only not writeable)
> RAM (welcome to all do what you wish)
> None of the old 8 bit computers ATari Kaypro, TRASH80, Commodore,
> Timex Sinclair, Pet, VIC had OS in RAM.

Don't know about the others, but the Kaypro and the TRS-80 both loaded
the OS from disk -- it was not in ROM.

The second thing to consider is that almost all problems these days
are caused not by the OS, but by applications (like Outlook, IE,
etc.).  Are you going to put all those in ROM too?  Realizing of
course that the security problems with these applications do not
change them in any way, so even if they were in ROM it wouldn't help
you a bit.  In fact, other than kernel level rootkits, I'm not aware
of anything that putting the OS in ROM would actually fix...

-- 

That's News To Me!
newstome@comcast.net
0
newstome (151)
5/19/2004 11:07:15 PM
On 2004-05-19, Alun Jones [MS MVP - Security] <alun@texis.invalid> wrote:

> Windows user processes do not run in kernel space, either.  It is an 
> unfortunate fact that many users choose to run as Administrator (or an 
> equivalent account), and it is an equally unfortunate act that many 
> applications unnecessarily demand Administrator rights of their users.

That's only part of the problem, and the only part that is controllable by 
the user.

Internet Explorer, for example, is tightly integrated into the operating 
system such that a problem in IE can have widespread effects.

And the graphics subsystem runs in kernel space such that a problem in the 
graphics system can bring down the kernel. 

I'm sure there's other examples.

-- 

-John (john@os2.dhs.org)
0
John
5/20/2004 12:07:31 PM
["Followup-To:" header set to comp.os.ms-windows.misc.]

On 2004-05-19, Jan Kannemacher <varros@gmx.de> wrote:
> alun@texis.invalid (Alun Jones [MS MVP - Security]) wrote:
>
>>Every month, MS holds a "security chat", where the head honcho of security 
>>answers a pile of questions.  I keep asking for "Windows Update on a disk", 
>>the ability to build a DVD-R to take to remote sites for patching without 
>>Internet access.  Maybe if other people asked for the same, it might get 
>>implemented - I'm only one voice.

> They would probably answer that it's no trouble to download the patches
> and put them on a CD or DVD...

They might, but as a practical matter, downloading a 120+MB update over a 
dial-up line puts it out of reach of many people.

-- 

-John (john@os2.dhs.org)
0
john5722 (447)
5/20/2004 12:07:31 PM
["Followup-To:" header set to comp.os.ms-windows.misc.]

On 2004-05-19, Bruce Barnett <spamhater95+U040519071540@grymoire.com> wrote:
> Joseph Fenn <jfenn@lava.net> writes:
>
>> As I said in my original post.  OS in ROM is the answer.  
>
> You do realize that a major cost of each system is the software?  You
> won't see a $200 PC running Windows. ROM costs more, so the price will
> rise to cover the cost. So a ROM-based Windows PC costs twice as much,
> and is obsolete before you buy it. Oh yeah. I'll buy one of
> those....

Not to mention ROM is dog-slow.  If you're just loading a small amont of 
code, like the PC BIOS for example, it doesn't really matter.  But if 
you're going load the whole operating system from ROM it's likely to make 
an already tedious boot sequence unbearable.

-- 

-John (john@os2.dhs.org)
0
john5722 (447)
5/20/2004 12:07:32 PM
["Followup-To:" header set to comp.os.ms-windows.misc.]

On 2004-05-19, Joseph Fenn <jfenn@lava.net> wrote:

> Just spell it out.  ROM (read only not writeable)
> RAM (welcome to all do what you wish)
> None of the old 8 bit computers ATari Kaypro, TRASH80, Commodore,
> Timex Sinclair, Pet, VIC had OS in RAM.
> If you as you claim were into computers before I was born, then that
> would make you about 102 as of now.     That could also present a
> brain 102 years old which could explain all this.

I had an old laptop back in the 80's with MS-DOS v6 in ROM.  It was 
frustrating because it seriously limited what I could do with the machine.

-- 

-John (john@os2.dhs.org)
0
john5722 (447)
5/20/2004 12:07:33 PM
["Followup-To:" header set to comp.os.ms-windows.misc.]
On 2004-05-19, Leythos <void@nowhere.com> wrote:

> I got news for you - I loaded programs via tape on my PET2001 when it 
> came out. Sure the OS was on EPROM (I know, I burned a new set when 
> Commodore sent us the beta updates). Once again, your ROM idea is a 
> false sense of security.
>
> In order for a computer to be used by people it's going to need a hard 
> drive and applications. If they apps are stored on the drive, then they 
> can be infected - notice, I never said the ROM could be infected. I say 
> that your ROM idea is all wet because the apps and items on the drive 
> could be infected and the ROM based OS would not mean crap to those 
> infected apps.
>
> Now, if you are saying that the computer will not have ANY drives, only 
> ROM and RAM, then you are mistaken if you think people will use it.

My old Epson PX-8 CP/M laptop had CP/M on ROM and a CMOS RAMdisk for user 
files and programs.  It had two ROM sockets to accept application ROMs 
(portable WordStar, Calc, etc.).  No disk drive at all, and it could run 
for over 48 hours continuously between recharges.

-- 

-John (john@os2.dhs.org)
0
john5722 (447)
5/20/2004 12:07:33 PM

John Thompson wrote:
> 
> ["Followup-To:" header set to comp.os.ms-windows.misc.]
> 
> On 2004-05-19, Bruce Barnett <spamhater95+U040519071540@grymoire.com> wrote:

> > You do realize that a major cost of each system is the software?  You
> > won't see a $200 PC running Windows. ROM costs more, so the price will
> > rise to cover the cost. So a ROM-based Windows PC costs twice as much,
> > and is obsolete before you buy it.

> Not to mention ROM is dog-slow.

....nor that Windows patches would have to be applied nevertheless.

Thor

-- 
http://thorweb.anta.net/		IRCnet #areena
0
Thor
5/20/2004 12:55:50 PM
In article <slrncap7f4.na.john@starfleet.os2.dhs.org>, 
john@starfleet.os2.dhs.org says...
> ["Followup-To:" header set to comp.os.ms-windows.misc.]
> On 2004-05-19, Leythos <void@nowhere.com> wrote:
> 
> > I got news for you - I loaded programs via tape on my PET2001 when it 
> > came out. Sure the OS was on EPROM (I know, I burned a new set when 
> > Commodore sent us the beta updates). Once again, your ROM idea is a 
> > false sense of security.
> >
> > In order for a computer to be used by people it's going to need a hard 
> > drive and applications. If they apps are stored on the drive, then they 
> > can be infected - notice, I never said the ROM could be infected. I say 
> > that your ROM idea is all wet because the apps and items on the drive 
> > could be infected and the ROM based OS would not mean crap to those 
> > infected apps.
> >
> > Now, if you are saying that the computer will not have ANY drives, only 
> > ROM and RAM, then you are mistaken if you think people will use it.
> 
> My old Epson PX-8 CP/M laptop had CP/M on ROM and a CMOS RAMdisk for user 
> files and programs.  It had two ROM sockets to accept application ROMs 
> (portable WordStar, Calc, etc.).  No disk drive at all, and it could run 
> for over 48 hours continuously between recharges.

But it didn't have an ethernet card, and it didn't have the ability to 
store gigs worth of granny's pictures of the kids and your choice of 
word processors from wall mart...

I use to have a couple 4 bit computers and even a 68000, and a Z80 CPM 
machine, but all of them at least had a floppy drive or a tape drive.

In todays memory/storage hungry world, an OS in ROM, while a valid idea, 
is not going to cut it for most users - the customer back-lash will be 
great and kill the idea. And, if the OS is in ROM, what difference will 
it make with the Applications on a hard drive - that's where the 
infections will be targeted and where the problem will spread.

-- 
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
0
Leythos
5/20/2004 1:39:31 PM
John Thompson <john@starfleet.os2.dhs.org> wrote:

>They might, but as a practical matter, downloading a 120+MB update over a 
>dial-up line puts it out of reach of many people.

That is doubtless true.




JK'04
0
Jan
5/21/2004 6:32:08 AM
mv /var/posts/Leythos/void@nowhere.com /dev/null:

> But it didn't have an ethernet card, and it didn't have the ability to 
> store gigs worth of granny's pictures of the kids and your choice of 
> word processors from wall mart...
> 
> I use to have a couple 4 bit computers and even a 68000, and a Z80 CPM 
> machine, but all of them at least had a floppy drive or a tape drive.
> 
> In todays memory/storage hungry world, an OS in ROM, while a valid idea, 
> is not going to cut it for most users - the customer back-lash will be 
> great and kill the idea. And, if the OS is in ROM, what difference will 
> it make with the Applications on a hard drive - that's where the 
> infections will be targeted and where the problem will spread.

With an OS in ROM, it's simply impossible to update software. This is the main 
problem IMHO.

[]s

-- 
Chaos Master�        | "I'm going under,
Posting from Brazil! |  drowning in you
ICQ: 126375906       |  I'm falling forever,
ask for e-mail/MSN   |  I've got to break through" 
---------------------.  -- Evanescence, "Going Under"
   
0
Chaos
5/22/2004 3:26:19 AM
Reply:

Similar Artilces:

Windows is named Windows : But Why?
http://thehmccompany.com/2015/06/19/windows-is-named-windows-but-why/ Quoting from the URL above: The following was taken from a Microsoft corporate blog designed to document the history of Microsoft. When I joined Microsoft as Vice President of Corporate Communications, I came from the cosmetics / skin care industry where perception (branding) was far more important than reality. The branding strategy for Microsoft Corporation & the specific names for the products (which was part of the company branding strategy) came from the original branding strategy ...

Windows, Windows everywhere
where do I see Windows? In my car (GPS) In my house (3 laptops) In my banks (all 3 of them where I bank) In the grocery stores (Point of Sale systems) In the airport (reservations and ticketing) In the doctor's office (appointments and bookkeeping) In my dentist's office (appointments and bookkeeping) At the car dealership (repair shop reservations and billing) At the Vail lift ticket sales window (Point of Sale systems) In my customer's offices (enterprise apps) In the university (faculty, students and administration) in other words, everywhere. Where do I see Macs? A few lonely laptops... Must be that 97% of the world is totally stupid and only 3% is "enlightened". TT In article <32d29944-0164-4716-927e-2be8386d6c0b@s20g2000yqh.googlegroups.com>, Tommy Troll <tom_elam@earthlink.net> wrote: > Where do I see Windows? > > In my car (GPS) > In my house (3 laptops) > In my banks (all 3 of them where I bank) > In the grocery stores (Point of Sale systems) > In the airport (reservations and ticketing) > In the doctor's office (appointments and bookkeeping) > In my dentist's office (appointments and bookkeeping) > At the car dealership (repair shop reservations and billing) > At the Vail lift ticket sales window (Point of Sale systems) > In my customer's offices (enterprise apps) > In the university (faculty, students and administration) > > In other words, everywhere. > > ...

Docking windows... in Windows
I'm using the Windows version in Windows 7. There's an option in each window to "Lock tab to dock", but I don't see anything occurring. They just sit there and float like they were before. What behavior should be occurring, and what if anything am I doing wrong? Also, has anyone used a recent version of Visual Studio? I like how you can drag a window to one of the edges of the screen or leave it floating. The user interface for dragging the windows is also real easy to use and makes everything real obvious and clear to the user. ...

window-handlers on windows
hi (this is my first post to this ng; so if it is the wrong ng, please direct me to the one i need...) my problem not necessarily bound to C++ (but could also be C), but since my application is in C++, i post it here. i want to draw from application A into a window that has been created by an application B (in my case: i want to render an openGL-scene into a a browser-window) under linux i can get a handle of type "Window" from the Xserver, into which i can draw (assumed that i have permissions) under windows the only such handle i have found is HWND, which is a pointer to a ...

Windows NT vs Windows 2000 vs Windows XP
Hi, I am pretty ignorant when it comes to computers. I posted in another thread that I just purchased a used computer for close to nothing. I have an old windows NT workstation which I plan on installing. My question is : A friend of mine can sell me a Windows 2000 or Windows XP license for cheap. Is there any reason I need to spend $40 to buy any one of these two operating systems for an old Pentium II computer, instead of a free windows NT workstation system that I already have ? For general home use : access internet, typing documents, etc, is there any difference in us...

=?windows-1256?B?yube7cog5uPm2s8gx9DH2skg48jH0cfJIMfh0g==?= =?windows-1256?B?48fh3yDm5sfP7CDPzOHJIN3sIOTlx8bsIN/D0yDj1dEg?= =?windows-1256?B?x+Ht5uMgx+HTyMogOS8xMS8yMDEzIObH4d7k5sfKIMfh5Mfe?= =?window
yube7cog5uPm2s8gx9DH2skg48jH0cfJIMfh0uPH4d8g5ubHz+wgz8zhySDd7CDk5cfG7CDfw9Mg 49XRIMfh7ebjIMfh08jKIDkvMTEvMjAxMyDmx+He5ObHyiDH4eTH3uHJCgpodHRwOi8vbmF0aWdh YXM3YWIuY29tLz9wPTU4OA== ...

=?windows-1256?B?yube7cog5uPm2s8gx9DH2skg48jH0cfJIMfh0g==?= =?windows-1256?B?48fh3yDm5sfP7CDPzOHJIN3sIOTlx8bsIN/D0yDj1dEg?= =?windows-1256?B?x+Ht5uMgx+HTyMogOS8xMS8yMDEzIObH4d7k5sfKIMfh5Mfe?= =?window
yube7cog5uPm2s8gx9DH2skg48jH0cfJIMfh0uPH4d8g5ubHz+wgz8zhySDd7CDk5cfG7CDfw9Mg 49XRIMfh7ebjIMfh08jKIDkvMTEvMjAxMyDmx+He5ObHyiDH4eTH3uHJCgpodHRwOi8vbmF0aWdh YXM3YWIuY29tLz9wPTU4OA== On Fri, 08 Nov 2013 23:12:07 -0800, بيثصس wrote: > 9/11/2013 Not only did you get the year wrong, it's the wrong group! May your woman betray you, your son be gay, and your daughter screw pigs for a living. Now go eat some pork and choke on it, like a good little terrorist. -- See what happens when you switch the googlegrouper filter off. Shudders! I'll turn it back on right now. ...

=?windows-1256?B?yube7cog5uPm2s8gx9DH2skg48jH0cfJIMfh0g==?= =?windows-1256?B?48fh3yDm5sfP7CDPzOHJIN3sIOTlx8bsIN/D0yDj1dEg?= =?windows-1256?B?x+Ht5uMgx+HTyMogOS8xMS8yMDEzIObH4d7k5sfKIMfh5Mfe?= =?window
yube7cog5uPm2s8gx9DH2skg48jH0cfJIMfh0uPH4d8g5ubHz+wgz8zhySDd7CDk5cfG7CDfw9Mg 49XRIMfh7ebjIMfh08jKIDkvMTEvMjAxMyDmx+He5ObHyiDH4eTH3uHJCgpodHRwOi8vbmF0aWdh YXM3YWIuY29tLz9wPTU4OA== ...

Windows 10, AKA Windows 8.2, AKA Windows Nein!
<grin> -- Rincewind formed a mental picture of some strange entity living in a castle made of teeth. It was the kind of mental picture you tried to forget. Unsuccessfully. -- Terry Pratchett, "The Light Fantastic" Chris Ahlstrom wrote: > <grin> I think you hit on why M$ avoided using 9 after the Windows name. LOL On Tuesday, November 11, 2014 6:01:58 AM UTC-5, Chris Ahlstrom wrote: > <grin> Re: Windows 10, AKA Windows 8.2, AKA Windows Nein! Moi is seriously considering buying a brand new Windows 8.1 computer with a large touch screen. It would actually be a 2-for-1 deal: Desktop computer, plus a large touch screen tablet. Further, Windows 8.1 should be supported and capable of keeping up with newer versions of IE, more so than a Windows 7 computer would be. Oh, by the way, Chris Ahlstrom's THREAD sucks - LOL! Chris Ahlstrom wrote: > <grin> OMG, that is too bad that they skipped 9. We could have had years of fun calling it Windows Nein. -- 'So complete freedom is doesn't actually matter - as long as you think there are "enough freedoms." I'm sure that the former Soviet Union gave their citizens "enough freedoms" as well.' - trolling fsckwit "Ezekiel", attacking the GPL It was reported that chrisv posted: > Chris Ahlstrom wrote: > >> <grin> > > OMG, that is too bad that they skipped 9. We ...

[News] Windows Worm Uses Symbian as Host to Infect Other Windows PC's
Symbian phones targeted as carriers for Windows worm ,----[ Quote ] | Anti-virus company F-Secure has posted details of a Windows virus which | can use a Symbian handset to transport itself between systems. The | Mobler worm infects a Windows system, hides the Windows folder and sets | about copying itself into different directories and on to any removable | media available. | | It also creates a Symbian installation file which, if executed by an | unwary user, installs a copy of the virus onto any removable media on | the handset. Once there it depends on a curious user to execute it | when...

[News] [Rival] Windows 'Anti-Virus' Allows Remote Hijacking of Windows
Symantec Confirms ActiveX Bugs in its Own Consumer Software ,----[ Quote ] | Symantec has confirmed flaws in its most popular consumer security software | that could give attackers the means to hijack the Windows PCs that the | programs are supposed to protect. `---- http://www.pcworld.com/article/id,144157-pg,1/article.html Days ago: Trend, Sophos and McAfee flunk Vista SP1 anti-virus tests ,----[ Quote ] | Top tier anti-virus vendors including McAfee, Trend Micro, and Sophos all | failed to secure Windows Vista SP1 in recent independent tests. `---- http://www.theregister.co.uk/...

=?windows-1256?B?1ebRIMfh4+PL4SDH4ePM5ObkIOPN488g0ePWxw==?= =?windows-1256?B?5CDayM/lIOPmyuUg7c7H2NEgyM3tx8rlIOPkIMPa4ewg?= =?windows-1256?B?3+bI0ew2IMPfyubI0SDm7d3e0iDHztjRIN7d0skg3ewg?= =?windows-12
2LXZiNixINin2YTZhdmF2KvZhCDYp9mE2YXYrNmG77+977+92YYg2YXYrdmF2K8g2LHZhdi22KfZ hiDYudio2K/ZhyDZhdmI2KrZhyDZitiu2KfYt9ixINio2K3Zitin2KrZhyDZhdmGINij2LnZhNmJ INmD2YjYqNix2Yk2Ctij2YPYqtmI2KjYsSDZiNmK2YHZgtiyINin2K7Yt9ixINmC2YHYstipINmB 2Ykg2KrYp9ix2YrYriDYp9mE2LPZitmG2YXYpyDYp9mE2YXYtdix2YrYqQoKaHR0cDovL21yaG9z c2FtYWxhZ215LmluZm8vP3A9Nzc2 ...

=?windows-1256?B?x+HI0eTH48wgx+HKz9HtyO0gOiDR3dog393HwQ==?= =?windows-1256?B?ySDH4ePP3t4gx+HPx87h7SDd7SDH4ebNz8fKIMfhzd8=?= =?windows-1256?B?5uPtySAo1NHjIMfh1O3OIJYgzOPl5tHtySDj1dEgx+Ha?= =?windows-12
x+HPx9Egx+Ha0cjtySDh4crk4+3JIMfhxc/H0e3JCsfhyNHkx+PMIMfhys/R7cjtCtHd2iDf3cfB ySDH4ePP3t4gx+HPx87h7SDd7SDH4ebNz8fKIMfhzd/m4+3JCsjF2srjx886IMfh49rlzyDH4cPm 0ebI7CDh48/Rx8Egx+HD2uPH4SBFSUJNCkV1cm9wZWFuIEluc3RpdHV0ZSBmb3IgQnVzaW5lc3Mg TWFuYWdlcnMK1NHjIMfh1O3OIJYgzOPl5tHtySDj1dEgx+Ha0cjtyQrO4cfhIMfh3crRySDj5CAx IMXh7SA1INPIyuPI0SAyMDEzIAoKyOXP3SDR3dog393Hwckgx+Hj0cfM2iDH4c/HzuHsIN3sIMfh 5s3Px8ogx+HN3+bj7cmhIOPkIM7hx+Egx+HK2tHdINrh7CDH4cPP5sfKIObH4cPTx+HtyCDH4c3P 7cvJIN3sIMfh48/e3iAtIMre7e3jIObdzdUg5e3f4SDH4dHex8jJIMfhz8fO4e3JIC0g5sfhyt7R 7dEg2uQgx+Hf3cfBySDmx+Hd2sfh7ckg3ewg2eEg2dHm3SDmztXHxt...

=?windows-1256?B?yMfh1ebRINHb4yDI4ebbIMfh3eTH5Mkg4cjhyA==?= =?windows-1256?B?4ckgx+HcIDY2INrH4yDH4ccgx+TlxyDKy+3RIM/l1Mkgx+E=?= =?windows-1256?B?zOPt2iDd7CDH4drR1iDH4c7H1SDh4d3t4eMgk9rU4yA=?= =?window
yMfh1ebRINHb4yDI4ebbIMfh3eTH5Mkg4cjhyOHJIMfh3CA2NiDax+Mgx+HHIMfk5ccgysvt0SDP 5dTJIMfhzOPt2iDd7ArH4drR1iDH4c7H1SDh4d3t4eMgk9rU4yCUIObfw+TlxyDjx9LhyiDUyMfI CgpodHRwOi8vbXJob3NzYW1hbGFnbXkuaW5mby8/cD03ODQ= ...

=?windows-1256?B?x+HI0eTH48wgx+HKz9HtyO06ICjH4cfKzMflxw==?= =?windows-1256?B?yiDH4c3P7cvJIN3tIMfh483H08jJIMfhzd/m4+3JKSDH?= =?windows-1256?B?09jkyObhIJYgytHf7ccgzuHH4SDH4d3K0ckg4+QgMS01IA==?= =?window
x+HHys3HzyDH4drRyO0g4crk4+3JIMfh4+bH0c8gx+HI1NHtyQrmzc/JIMfhyNHH48wg5ubR1CDH 4drj4QoKx+HT4cfjINrh7d/jIObRzePJIMfh4eUg5sjR38fK5aGhoQrtytTR3SDH4cfKzcfPIMfh 2tHI7SDhyuTj7ckgx+Hj5sfRzyDH4cjU0e3JIMPkIO3N7dgg09rHz8rf4yDa4ePH8CDD5OU6CsjH 4crax+bkIOPaCuPR39IgyuTj7ckgx+Hj5sfRzyDH4djI7drtySDmx+HI1NHtySDI49rlzyDH4cjN 5ssg5sfhz9HH08fKIMfhxd3R7d7tyQogKCDMx+PaySDH4d7H5dzc3Nzc3Nzc3NzRySApCtrS4yDa 4ewg2t7PIMfhyNHkx+PMIMfhys/R7cjtOgrH4cfKzMflx8ogx+HNz+3LySDd7SDH4ePNx9PIySDH 4c3f5uPtySAKx9PY5Mjm4SCWIMrR3+3HIM7hx+Egx+HdytHJIOPkIDEtNSDTyMrjyNEgMjAxM+MK yOXP3SDH48/HzyDH4ePUx9Hf7eQgyMfh49rh5uPHyiDH4drh4+3JIO...

[News] [Rival] Windows Vista Sales + Windows Vista Upgrades = Windows XP
Vista downgrading: What are your rights? ,----[ Quote ] | Talk about a catch 22. Did you know that in order to be allowed to downgrade | Vista to XP on a new computer, Microsoft expects you to have one of the more | expensive editions of Windows Vista that most OEMs don’t even put on their | machines. It’s true. Have a look at this official Microsoft one-sheet | explaining the intricacies of downgrading from Vista that’s come bundled with | a new PC. | | You’d have to add $180 to the price of a Dell Inspiron 530 in order to have | the right to use XP instead of Vista. `---- http...

how do i get windows minimization event in the child video window of windows media player
hi, i am working on a rendering filter and my filter is used by the windows media player. i need the windows minimization event WM_SIZE with the flag SIZE_MINIMIZE to be received by my video window which inturn will be received by the filter to do some internal processing. My video window is a child window of the media player. I am able to receive the WM_SIZE event with the flag SIZE_RESTORED but not with the other flags namely SIZE_MAXIMIZED, SIZE_MAXSHOW, SIZE_MINIMIZED, SIZE_MAXHIDE. can any genius help me out regarding this. thanking in antisipation chidesh "chides...

=?windows-1256?B?yNrPIMfh4+bH3d7JINrh7CDK2Mjt3iDH4c3PIA==?= =?windows-1256?B?x+HHz+TsIObH4cfe1e0g4eHHzObRIMfhx+QgytrR3SA=?= =?windows-1256?B?2uHsIOPRysjfIMjazyDK2Mjt3iDH4c3PIMfhx8/k7CDh?= =?windows-12
yNrPIMfh4+bH3d7JINrh7CDK2Mjt3iDH4c3PIMfhx8/k7CDmx+HH3tXtIOHhx8zm0SDH4cfkIMra 0d0g2uHsIOPRysjfCsjazyDK2Mjt3iDH4c3PIMfhx8/k7CDh4cfM5tEgMjAxMwoKaHR0cDovL25h dGlndGFzN2FiLmJsb2dzcG90LmNvbS8yMDEzLzAyLzIwMTNfMTM0Ni5odG1s yMrH0e3OIMfh08jKoSA5IN3I0cft0aEgMjAxMyBVVEMrMiAxMTozNjozNCDjoSDfysggYWxhZ215 Ogo+IMjazyDH4ePmx93eySDa4ewgytjI7d4gx+HNzyDH4cfP5Owg5sfhx97V7SDh4cfM5tEgx+HH 5CDK2tHdINrh7CDj0crI3wo+IMjazyDK2Mjt3iDH4c3PIMfhx8/k7CDh4cfM5tEgMjAxMwo+IAo+ IGh0dHA6Ly9uYXRpZ3RhczdhYi5ibG9nc3BvdC5jb20vMjAxMy8wMi8yMDEzXzEzNDYuaHRtbAoK yMrH0e3OIMfhy+HHy8fBoSAxNyDTyMrjyNGhIDIwMTMgVVRDKzIgNDoyMToxNyDjoSDf...

=?windows-1256?B?x+HC5CDkyu3MySDH4dTlx8/JIMfhx8jKz8fG?= =?windows-1256?B?7ckgx+HH0uXR7ckgMjAxMyDI0d7jIMfhzOHm0yDZ5dHKIMc=?= =?windows-1256?B?4cLkIOTK7czJIMfIys/Hxu0gx+HH0uXRIMfh1NHt3SA=?= =?windows-12
x+HC5CDkyu3MySDH4dTlx8/JIMfhx8jKz8fG7ckgx+HH0uXR7ckgMjAxMyDI0d7jIMfhzOHm0yDZ 5dHKIMfhwuQK5MrtzMkgx8jKz8fG7SDH4cfS5dEgx+HU0e3dINrh7SDj5t7aIMfhx9Ll0SDH4cra 4e3j7QoKaHR0cDovL25hdGlnYWFzN2FiLm5ldC93cC8/cD05Nzc= ...

Creating framed windows with window()
This might be a simple question, but I would like to create a window with a border around it using Turbo Pascal's window() procedure. How can I do this? Also, are there any good units out there that are compatible with TP7 and that have procedures and/or functions that can make creating these types of windows easier? A Turbo Pascal unit library similar to the CXL - (The C Programmer's Extended Function Library), which was developed in the early 1990's by Mike Smedley, would be great. I appreciate any help. Thanks! "Craig" <nightwatchman94@hotmail.com> wrote in news:1114272516.107554.180280@o13g2000cwo.googlegroups.com: > This might be a simple question, but I would like to create a window > with a border around it using Turbo Pascal's window() procedure. How > can I do this? > > Also, are there any good units out there that are compatible with TP7 > and that have procedures and/or functions that can make creating these > types of windows easier? A Turbo Pascal unit library similar to the CXL > - (The C Programmer's Extended Function Library), which was developed > in the early 1990's by Mike Smedley, would be great. I appreciate any > help. > > Thanks! > > With Turbo Pascal Window() Procedure alone You can not. You may 1.Use Turbo Vision if You own Turbo Pascal 6 or 7. There are a few demo apps comming with Turbo Pascal / Borland Pascal.Turbo Vi...

X Window and Microsoft Windows
I know it is possible for a Windows PC to connect to a Linux system via X using a product like Cygwin/X or Exceed. Is it possible to get two Windows PCs connected via X ? If so, what do I have do ? Looking for a product/products, any technical issues (re-writing software to address the X api), etc. At least a rough idea of where I stand, in any event Thanks, Carl <carlbmorgan@gmail.com> wrote in message news:1152812747.529760.38630@m79g2000cwm.googlegroups.com... >I know it is possible for a Windows PC to connect to a Linux system via > X using a product like Cygwin/X or Exceed. > > Is it possible to get two Windows PCs connected via X ? If so, what do > I have do ? Looking for a product/products, any technical issues > (re-writing software to address the X api), etc. At least a rough idea > of where I stand, in any event > > Thanks, > > Carl > If you have an X-server running on both machines (Cygwin, Exceed, etc.), then it should be the same as connecting from a PC to a Linux system. -- Fred L. Kleinschmidt Boeing Associate Technical Fellow Technical Architect, Software Reuse Project In article <J2CwAn.A5r@news.boeing.com>, Fred Kleinschmidt <fred.l.kleinmschmidt@boeing.com> wrote: > ><carlbmorgan@gmail.com> wrote in message >news:1152812747.529760.38630@m79g2000cwm.googlegroups.com... >>I know it is possible for a Windows PC to connect to a Linux sy...

window width and window center
Hi,i have write a simple program to read a dicom file.I have successfully read the 16 bit image but when i compare with the ezdicom,i found the image has a little bit different.I found that the problem is cause by window width and window center value but i don't know how to apply it even i refer to the dicom standard.The example given is not enought for me,can anybody help me in this topic.The following is the vb code i use to read the 16 bit pixel and all the dataset.Thanks in advance For y = 0 To pixelPerRow - 1 For x = 0 To pixelPerColumns - 1 r = readByte b = readByte color = ShiftBit(b, 8) + ShiftBit(r, 0) a = color And 4095 SetPixelV frmDCM.picView(0).hdc, x, y, RGB(CInt(a), CInt(a), CInt(a)) Next x DoEvents frmDCM.picView(0).Refresh Next y 0008,0005,Specific Character Set=ISO.IR 100 0008,0008,Image Type=ORIGINAL\PRIMARY\AXIAL\NORMAL 0008,0016,SOP Class UID=1.2.840.10008.5.1.4.1.1.2. 0008,0018,SOP Instance UID=1.3.46.670589.5.2.10.2156913941.892665340.475317 0008,0020,Study Date=19980414 0008,0021,Series Date=19980414 0008,0022,Acquisition Date=19980414 0008,0023,Image Date=19980414 0008,0030,Study Time=203538.960689 0008,0031,Series Time=170346.000000 0008,0033,Image Time=170352.000000 0008,0040,Data Set Type=0 0008,0050,Accession Number= 0008,0060,Modality=CT 0008,0070,Manufacturer=Philips Medical Systems 0008,0080,Institution Name=8224 0008,0090,Referring Physician's Name= 0008,1030,Study Desc...

CBS News: =?windows-1252?Q?=91Fast_and_Furious=92_Gun_Fo?= =?windows-1252?Q?und_At_Site_Where_Mexican_Beauty_Queen_Ki?= =?windows-1252?Q?lled_--=3E_Gangster_Baby_Owl_you_have_to_?= =?windows-1252?Q?_l
<http://washington.cbslocal.com/2012/12/18/cbs-news-fast-and-furious-gun-found-at-site-where-mexican-beauty-queen-killed/> Big Steel <ZekeGregory@netscape.net> wrote: > <http://washington.cbslocal.com/2012/12/18/cbs-news-fast-and-furious-gun-found-at-site-where-mexican-beauty-queen-killed/> Fast and Furious. Really? You're going to bring that up? LOL! Way to self-nuke, dumbass. <quote> Several Republicans have called for the resignation of Attorney General Eric Holder due to the botched operation. </quote> On 12/18/2012 4:21 PM, owl wrote: <snipped> You know I am not reading anymore of your crap, right? Right? :) On 12/18/2012 4:38 PM, Big Steel wrote: > On 12/18/2012 4:21 PM, owl wrote: > > <snipped> > > You know I am not reading anymore of your crap, right? Right? :) You're like turdv with an Afro and an even filthier mouth. ...

Windows Freezes When I Minimize Windows
I've got a copy of Windows 2000 Pro [SP4] with all the latest service patches installed. When I first install the operating system, things work great. However, after several weeks of using the computer, and after installing more and more software (games, utilities, and programming applications)... when I minimize a window (any window), the operating system will FREEZE up solid! My mouse is still free, but all sound stops, all windows are unresponsive, keyboard and mouse events don't register anywhere, even the START menu is inaccessible. This DEEP FREEZE lasts from between 3 and 15 seconds... then my computer is back to normal with no problems. If I've got several winodws open that I'd like to minimize, I can successfully minimize 1 or 2... but then when I minimize the 3rd, I get the FREEZE. I might then be able to minimize another window, but the next after that gives me the FREEZE again. This behavior is VERY odd. Any idea what could be causing it? Any suggestions or ideas would be very much appreciated. Kevin Wilson www.TheVBZone.com How much exactly have you installed on your computer. Depending on the programs that you install, you may have alot more running then you think. Run the task manager to see how many processes you have running (CTRL+ALT+DEL and click on the PROCESSES tab.) Also, what kind of computer do you have, whats your processor speed, pentium or what, how much RAM it just sounds like you have alot running and the computer i...

Web resources about - Why does Windows allow Worms? - comp.windows.misc

Window - Wikipedia, the free encyclopedia
This article is about the part of a building. For the Microsoft operating system, see Microsoft Windows . For other uses, see Window (disambiguation) ...

Microsoft Windows Information, Solutions, Tools - Windows IT Pro
Microsoft Windows information and solutions for IT pros. Topics include cloud computing, Windows Server, Exchange, Outlook, PowerShell, virtualization, ...

The Windows Blog
The Windows Blog is Microsoft's Official Blog for the Windows Operating System.

Apple announces 9.7 inch iPad Pro, targeting existing iPad and Windows users
As part of its media event, Apple has announced a new 9.7 inch version of the iPad Pro from $599 . It features much of the same internals as ...

This is Android N’s freeform window mode
"Freeform Window Mode" running on the Android N Developer Preview. 11 more images in gallery Last week we wrote about the " Freeform Window ...

Manage, move and resize your desktop windows with WinDock
... behave just as it always did. If you don’t need WinDock’s configurability, AquaSnap delivers improved snapping, and a lot of extras: window ...

The only Windows 10 tablet you should even consider is now cheaper than ever
... means people who have purchased it over the past nine months have spent their money wisely. On the other hand, it means that Microsoft's Windows ...

Apple thinks you'll replace your Windows PC with one of its new iPads
... isn't shy about using it to steal away Microsoft users. "You might not know this, but the majority of iPad Pro users are coming from a Windows ...

What to expect from Windows 10 migrations
Process changes spurred by Windows 10 servicing model will test IT more than tech-related migration issues.

Android N has a “Freeform” Desktop-Style Floating App Window Mode
As it turns out, Google’s Multi-Window in Android N isn’t the only new multi-tasking functionality the Android team has added. If you read closely ...

Resources last updated: 3/22/2016 2:55:48 PM