On Fri, May 05, 2000 at 10:32:31PM +0000, E. Shaun Russell wrote:
> >Linux and Mac users are happily immune to the ill effects of ILOVEYOU, which
> >depends upon the Windows Scripting Host to get launched once it's triggered
> >on the user's computer.
> Blame a company for not being infallible? If those are the standards, then
> I'm afraid that *no* O/S can live up to them. The crime isn't on MS'
> hands, it is on the proliferation of the virus.

The DOS-based Windows family (not NT or 2000) is still layered on top of
an abomination that has no filesystem based security policy. This is the
first headache; any process can read/write anything it damn well pleases
on any mounted filesystem.

The second problem is that Microsoft, in search of usability improvements,
persistently prioritise security below user convenience. This makes sense
from a marketing point of view in a non-security-literate field, but it's
a disaster when the systems they're making get hooked up to a wide area
network. In general, secure systems tend to be a pain in the butt to
work with -- but they're secure; that's part of the reason they're a
pain. Microsoft tries to take the pain out of things -- and ends up driving
a cart and horses (or an eighteen-wheeler) through security.

The combination of a proliferation of security back doors (email clients
that can execute arbitrary code embedded in email, that can fiddle with
the contents of any file on the root filesystem, for gopod's sake!) is a
vulnerability to viruses.

This is not to say that MacOS or UNIX-family systems are immune -- but
they're more resistant. While both these OS's have 3-6% of the market
share of Windows, they have much, much less than 3-6% of the number of
viruses; in the case of Linux, while two or three have been written as
demos, there has never been a virus observed in the wild in the decade
since Linus released his first kernel. Linux is simply very inhospitable
to self-propagating infections. In fact, UNIX in general is inhospitable.
While human-driven hacking tools are widely available, it's possible to
harden a system against them very easily: most such exploits involve bugs
in individual subsystems which can be tested and, where necessary, swapped
out and replaced with a secure alternative, or shut down completely.

You have to go all the way back to the RTM worm of 1987 to see an incident
in which a worm crippled a goodly number of all the UNIX systems on
the net. ILOVEYOU just goes to show that Microsoft have failed to learn
from someone else's lesson, thirteen years on.