Windows Gets Better But So Do Hackers
by Simson Garfinkel
Posted April 12, 2004
In April 2002, I wrote a guest opinion in these pages arguing that all of the security improvements promised in the .NET Framework wouldn't make Windows servers significantly more secure unless Microsoft could somehow improve the security of the underlying operating system—that large body of legacy C and C++ code that .NET's Common Language Runtime euphemistically referred to as "unmanaged code."
Two years later, I'm pleased to report that Microsoft is making great strides toward putting its house in order. Perhaps most significant is Microsoft's technology that automatically protects C and C++ code against buffer overruns. This technology is built into both Windows Server 2003 and Windows XP Service Pack 2. SP2 is a behemoth, but the size is worth the pain because the majority of Windows security flaws in recent years have been buffer overruns. SP2 will end most of them.
Many of Microsoft's programmers are now routinely adding special comments to their code that tell the C compiler how different functions process their arguments. This practice, called code annotation, lets the compiler automatically detect many other kinds of common programming errors—errors that have led to other security vulnerabilities in the past.
Moving forward, Microsoft is working with Intel and Advanced Micro Devices to add a new feature to the x86 instruction set that will make future microprocessors even more resistant to attacks. The feature, called no execute (NX for short), allows the computer's operating system to designate regions of memory inside which programs simply can't run. NX makes it nearly impossible for an attacker to craft an exploit that uploads code and then executes it—the uploaded code would most likely be stored on a page used for data, and not one that was specially designated for code.
But while servers are getting more secure, desktop computers seem to be going in the other direction. The problem isn't the operating system; it's the users.
Among the greatest security threats on the Internet today are the so-called zombies—otherwise harmless PCs that just happen to be infected with remote-control attack software. Many of these computers are connected to cable modems, DSL lines, and corporate networks. They get infected because their users didn't apply patches and didn't set their systems for "automatic update."
Zombies are a growing source of spam. They also represent an attack resource that can be used to shut down practically any computer or network connection on the Internet—today there is simply no way to defend against 100 Gbps of firepower coming from thousands of sources.
What's more, Microsoft's decision to drastically scale back support for Windows 98 in June 2003 might have made matters worse. The decision was designed to prod users to get off a six-year-old operating system that had numerous security vulnerabilities. But many computers are still running Windows 98, such as the 500-MHz eMachine I use as a DVD player for my three-year-old twins. Although Microsoft's Web site claims that security fixes for Windows 98 can be downloaded "through normal assisted-support channels," in practice these machines have largely been orphaned. As a result, these machines are sure to cause problems for many years to come.
Even patched machines running the most up-to-date version of Windows XP or Server 2003 are now routinely infected with spyware and other kinds of hostile problems—programs that are downloaded and installed by users who don't know better. Case in point: One of the best antispyware programs is Ad-aware from Lavasoft. You can download Ad-aware from www.lavasoftusa.com, but if you go to www.adaware.com you'll end up downloading and installing a program called SpywareNuker—a program that's widely believed to be spyware itself.
The problem is that economic issues increasingly drive our security problems. As the Internet becomes increasingly integrated into our economy, there's more incentive for bad guys to hack systems, develop malware, and even steal Microsoft source code. Servers, desktops, and the entire Internet infrastructure all need to become dramatically more secure: If they don't, the entire Internet economy is likely to collapse under its own weight.
About the Author
Simson L. Garfinkel is a researcher in the field of computer security and a commentator on information technology. He is currently a doctoral candidate at MIT's Computer Science and Artificial Intelligence Laboratory, and his research interests include computer security, the usability of secure systems, and information policy.