Windows Security - The Ultimate Solution

By skontos
http://stevenkontos.blogspot.com/2005/02/solving-security-problems-in-windows.html

The link above has some pretty pictures, but here is the gist of what I wrote about.

Solving Security Problems in Windows XP

I just finished cleaning five viruses from my daughter's notebook PC and spent a combined seven hours installing Windows XP Service Pack 2 on her computer and mine, hoping against hope that the on-going virus problems will be mitigated. In addition to that, I also have to install the ZoneAlarm firewall, Grisoft AVG anti-virus software and Spybot Search & Destroy to protect my recently purchased desktop system.

Let me start this rant by asking why in the world should refreshing some files (Service Pack 2) take 3-1/2 hours? The computer seemed to freeze for two hours where it was doing nothing - during both installations. What was going on? It happened on both machines. It's just so absurd and ridiculous. I almost think it's a joke on the consumer by Microsoft. "Ha, ha. We'll put a two-hour delay loop in our setup program - just to drive people crazy."

You might have no idea what I am talking about. If you're a network administrator or a geek like me, you know what I am talking about. The time to install this service pack is just ludicrous.

You must understand that Windows XP was promised to consumers as a major rewrite of the core operating system - just like Windows 98 was, Windows 95 and, if you can remember way back when - Windows for Workgroups.

It's a lie, of course.

Microsoft Corporation, based in Redmond, Washington, has problems. Yeah, I know - alert the wire services. More and more corporations are switching back to Unix, back to Sun or over to Linux. They just feel that they cannot compromise their mission critical systems by relying on an operating system so prone to attack and so prone to having "secure" data like credit card numbers compromised.

The Windows XP product is seemingly more stable than earlier iterations of the Windows operating system. I say seemingly more stable, but then again, computers today are being sold with a minimum of 256 kb of RAM - which is a lot more than they used to incorporate. Additional memory allows a computer to "screw-up" more often and not give you a "lock-up" condition, or worse, the "blue screen of death" (or BSOD as we geeks like to call it). But, while seemingly more stable, it appears to be as prone, or even more prone than ever, to viruses, trojans, spyware and other nasties.

Windows XP has many, many, many security problems which can and will be exploited by hackers and crackers - or whatever those people are calling themselves these days.

Here is how to fix these problems.

One. Not only is it time to rewrite the Windows operating system, it is time for a whole new approach. Microsoft became Microsoft by Bill Gates stealing a BASIC compiler and selling it to IBM. Then he stole what was to become DOS. The rest is history. Well, it's time to start stealing again Billy-boy. Please, PLEASE crib from Linux and the antiquated, but impenetrable, OS/400 operating system.

If I may digress a moment - and I will: How good is the OS/400 operating system by IBM? It is so good, in the 15 years I have worked on it, I have never experienced a virus and never experienced a lock-up. This is an OS designed to run 24/7 with 1000+ users pounding away on it, running hundreds of programs. Please, "steal this operating system" - to paraphrase Abbie Hoffman.

Okay, so we have to rewrite the operating system. Here's what we need to do.

Two. Do away with the Windows registry. This was an "enhancement" created for Windows 95. It is a flat file. What does that mean? It means for one, that it is not normalized. It is just a collection of text data like any document. As such, it is easily accessed and messed with. It also means it is not indexed, nor does it have the coherent structure we would expect in a normalized file. This means: One piece of information in one place; no redundant data and primary key access via an index. The registry is just a big, crappy file. Further, that big, crappy file holds THE most critical information to run Windows. It is completely absurd. Get rid of the registry.

If you are a Windows developer, do you need to have your program start-up automatically? Put it in the Windows Startup folder. Don't create a registry key so that mere mortals don't know how to stop your program (or virus) from starting every time Windows starts. Get rid of the registry and encourage the use of the Startup folder. What's old is new again.

Before the registry, when programs needed to store information like the last file opened, the last high score, the last window position, program defaults or any user program preferences, they used a PIF (program information file). Bring back the PIF. This is something solely used by the application and separate and apart from the operating system.

Ok, so we got rid of the registry - or at least made it off limits to anything but the operating system. What next?

Three. Make the C:\Windows\System32 directory read-only.

I recently watched a utility program that I downloaded blast a number of drivers and DLLs into my System32 folder. Some of the drivers I recognized as important system drivers. I was aghast that this happened and I prayed that my computer was not infected (or at least still worked the way it did before). A virus scanner or a firewall (which I run) would not - could not - stop something like this.

Dear Microsoft, making the operating system files hidden does not help. Besides, I can unhide them with a couple of mouse clicks. Warning me that "this is the system folder" does not help. I can still delete, replace, rename anything I want. This is atrocious.

Make System32 off-limits. Like OS/400, create a sliding scale of security settings. For the best protection, select the highest security setting to make the system libraries completely OFF-LIMITS - read-only. Is that clear enough?

Four. Do away with macros, or at least any macros that access operating system functions. The ability of BASIC - upon which all macros are based - to access operating system functions like deleting files goes back to the earliest days of GWBASIC.EXE and MS-DOS. It's just wrong. If you need to delete a file from a macro, at least force a confirmation screen where the user can decide if this is in fact what they want to do. Preferably, using the highest security setting, macros cannot (should not) access OS functions or tamper with files or areas shipped with the operating system. Period.

My point is this: If you are an administrator; if you are a local user and not some program or remote hacker; THEN AND ONLY THEN may you use an operating system program like DEL or RENAME to delete or rename a file. Is that too simple, Microsoft? Do you understand the words that are coming out of my mouth?

Five. Windows startup relies on something called "the hive." The "hive," in my mind, implied a bee's nest. This is probably an accurate view of what is essentially a file filled with un-normalized crap - important crap though, because otherwise the system would not boot up and you would not be looking at a blue screen with the cryptic message saying "not able to load the hive."

Do away with the hive. Computers used to boot from paper tape with punch holes. This was probably as reliable as the Windows XP boot procedure using a "hive." Get rid of the hive. "Oh, how will we boot XP without the hive?" Figure out a way fellas. And while you're at it, make the hive and the boot sectors of the hard drive itself self-repairing. How hard is that? Windows already has a Repair folder and Check Disk repair utility. Combine the two and have an operating system that can heal itself and ensure that it always boots up.

An operating system should always boot unless the drive has been completely trashed. Period. Maybe, just maybe, we need to go back to the old days and have the boot kernel installed in firmware (a chip) inside the computer. No outside entity can monkey with the firmware on a chip. That, my friends, means a secure and reliable boot of the operating system. What's old is new again. Didn't I say that already?

Six. Stop tightly integrating Internet Explorer and Outlook Express with the operating system. I thought the anti-trust case of 2003-2004 had made that clear, but then, I am not Bill Gates. Those are really (or should be) stand-alone applications. At present, they provide a myriad of opportunities to hack Windows XP. Keep them separate and apart and let's start securing the core of Windows XP.


In summary:

Re-write the Windows operating system using a whole new approach - no more recycled, "enhanced" crap from the days of Windows 3.1.

Get rid of the Windows Registry. It is too prone to malicious software and mistakes made by well-meaning users trying to tweak their system (read: make it work correctly).

Do away with the hive. No one knows what it is and its corruption has already caused BSODs on two of my computers, as well as computers around the world. A modern OS (or application program for that matter) cannot rely on a bee's nest.

Make operating system files and directories COMPLETELY off-limits. This does not have to be done arbitrarily. A sliding security scale can be used so that at the HIGH setting, no one (or nothing) other than a local security Administrator, can have anything but READ ACCESS to OS areas and files.

Do away with macros, or at least limit them using the sliding security scale above. At the highest setting, no macro should be able to delete or rename a file, or access any area or file created by the operating system - NOT EVEN "READ" ACCESS. No access. If you're a macro, no access. Period.

Finally, stop integrating Internet Explorer and Outlook with the operating system. Those applications, by their nature, need to access the outside world and provide too many avenues of attack for developers with a mind for malice.

I didn't say this would be easy, Microsoft.

Believe me, I know. The impact to software vendors and consumers would be dramatic. This is understood.

To that I say, the impact to me and my business and my clients having computers "down" for days on end, several times a year, is also a problem - one not without its own share of drama.

8 total posts (Page 1 of 1)  
you missed the best option in the review

by Jaqui In reply to Windows Security - The Ul ...

do not use windows.

I've been using linux for years, and never seen a virus on it. ( even though 250 a year are written for it )
I don't even use anti virus software, as with regular updates, the holes that a virus will exploit are gone, not just plugged like microsoft does, completely gone.

We use windows to support the structure

by jdclyde In reply to you missed the best optio ...

<sarcasm>

If we stopped using Windows, then we would stop getting viruses and spyware.

Just think of all the people that would put out of work? How could I sleep at night if I did?

Our systems would stop crashing all the time, so I couldn't come along and save the day by rebooting the system. What would this do to me? How could I sleep at night if I put myself out of a job?

</sarcasm>

Rebuttal

by awfernald In reply to Windows Security - The Ul ...

I have to agree with most of the points you made, however, I (unfortunately cause they ARE a bunch of morons at MS) feel that I have to help you understand why MS doesn't follow your recommendations:

1. Reason for not rewriting as OS/400 type OS. Simple, if you make it bulletproof or almost bulletproof, you:
a) never give people a reason to upgrade to the newest version;
b) remove a ton of flexibility in what you can do with it;
c) Price yourself out of the market (hmmm, never mind, they already did that)
d) You prove that all the pundits were correct from the very beginning.

Two: Do away with the windows registry. Hmmm, tough one. I think that this really needs an upgrade vs. a replace. Add some security to it as well that people cannot arbitrarily write to it. Still a ton better than having a million .ini files running around in 50 directories. But yes, indexing it, and making it more secure would be very helpful.

Three: Agreed. Keep the OS separate from the applications. Not even "trusted" applications should mess with the OS. If you have 3rd party .dll files, they can go into another directory. If you want to modify an OS .dll file, then simply add your code in to your application. This also removes the crappy "the version you are installing is older than the current, do you want to replace?", then having to guess whether the one that is present has everything that you need.

Four: Yes and No... The problem with not having macros is dealing with administrative updates being pushed out. Having digital signing of macros helps a lot, especially when you can tighten it down on a corporate basis to permit/deny without allowing a user override.

Five: Hmmm, I see your point on this, but, then the users start complaining because they have to "do" something to get their computers to finish booting up. But yes, this would be a sensible thing to do.

Six: TOTALLY AGREED!!!! I hate outlook express, and I try to avoid internet express except for those moronic websites that simply have to use Active X or bastardized MS Java that runs only on IE.

btw.... yes, they did program a 2-hour loop into the SP2 upgrade simply to bug the **** out of everyone doing the upgrade, and to help MS Partners get more overtime hours.

Also, as far as all the other software that you needed to install.... just wait, they will be assimilated into an up-and-coming version of Windows....

I know how you feel

by dksells In reply to Windows Security - The Ul ...

"More and more corporations are switching back to Unix...."

The Internet was built with the help of Unix.

Unix put man on the moon.

Do you think NASA would use Windows on the space shuttle?

with the help of unix?

by jdclyde In reply to I know how you feel

The internet was built with Unix, period. And where does TCP/IP come from? You got it.
You just need to know the OSI model for your Windoze/Cisco certs because the windows drones don't want to admit they are using the protocol from Unix. Imagine a web built on netbeui?

Remember Bill saying the web was a "fad" many moons ago? He had to do a major turn around to position himself where he is now.

MS desires to re-invent the wheel.

by dksells In reply to with the help of unix?

Would someone please loan them their compasses.

oops - repost - ignore

by jdclyde In reply to I know how you feel

TR has been crapping out on me all day now, but first time it did a double post today.

Last updates before anti-piracy deadline

by house In reply to Windows Security - The Ul ...

I'd watch out for this one. They may just open up some doors to make some extra cash in a round-about licencing promotion.
