Re: Where's the Bock?

In <grm5gn$2oj$1@xxxxxxxxxxxxxxxx> "Keith F. Lynch" <kfl@xxxxxxxxxxxxxx> writes:

Paul Treadaway <paul.treadaway@xxxxxxxxxxxxxx> wrote:
"Keith F. Lynch" <kfl@xxxxxxxxxxxxxx> wrote:
it would be utterly impervious to "evil code" except when someone
chooses to knowingly install and run software they find in an email
or on a web page. There's a big difference between "I want to view
the contents of this email" and "I want to run code that's attached
to this email." There's a big difference between "I want to view
the contents of this web page" and "I want to run code that can be
downloaded from this website." Microsoft deliberately chose to not
only blur that distinction, but to override users' choices when
they attempt to make that distinction using Microsoft software.

Are we sure it was deliberate? After all, Microsoft came late to
this stuff - I got the impression that IE (for example) was a rush
job to get them a toehold in the market (that at the time was
dominated by Netscape, which had overtaken Mosaic).

According to Wikipedia, Internet Explorer was released in 1995.
So they've had 14 years to get it right.

Are you sure they didn't just not think of these things?

People have been telling them of these things from the beginning.

There are three main issues:

* One is their software "helpfully" automatically running any code it
finds attached to emails or linked to web pages.

And that distinction between code and data has been gone for decades. For
example, your "terminal" accepts a stream of characters which tell it what
internal program it executes. For some of them, it interprets that as a
set of pixels it's supposed to illuminate on a screen. For others, it
means to play a note. For others, it means to execute a different
program, using some later data that it gets in the data stream as the
parameters.

ANd people have been able to exploit that code for decades. Fortunately,
terminals have only a limited number of things they can do, so they're
more limited in what the exploit can be. Although, for example, decades
ago, it was possible to send some terminals a character sequence that
consisted of "start input here", followed by an executable command (for
Unix, something like rm *, for example, followed by an "end input here".
And the next time a person who got that string displayed hit enter on his
terminal, all the user's files would be erased.

So this is nothing new with Microsoft.

* The second is the anti-concept of "opening" a file. It means one
thing to view the contents of a text file on a screen, another thing
to listen to a sound file through a speaker, and a third thing to
execute code found in an executable file. Microsoft "helpfully"
conflates these. There appears to be no way to tell the system that
all you want to do is view a file on the screen, *not* to run any
code in it. You can't even do this even if all you're doing is
"previewing" an email to see if it's safe!

That appearance is, of course, due to your limitations, not those of
Windows. I can choose to open things with whatever I want.

But it's far more convenient to not need to worry about what program to
use. I tell the system once what I want the default action to be for
"File open" for any particular type of file, and then I don't need to
worry about it afterwards, unless I want to change that action.

* The third is bugs. Especially those two old classics, array bounds
overruns and not sanity-checking input. These were known and solved
problems before Bill Gates was born. But Microsoft keeps making them.

For a solved problem, it's pretty amazing that every known commercially
useful piece of code has had those bugs even after Bill Gates was born.
Not just Microsoft's code -- everybody's. Fortunately, modern languages
make those mistakes harder (but not impossible, if you know enough) to
make. But it's probably true that programs written more than a decade ago
are likelier to have those, and should probably be banned from produciton
environments.


The problem is surely their tendency to get something out as quickly
as possible, on the assumption that they can just fix the bugs in
later versions or with patches.

So where are the later, stable versions?

They keep coming out. Windows 7 is far more secure than Windows 95 was.
But, as long as people want new capabilities, then new bugs get
introduced. And people can do far more than they ever could, and they
want to do them.

--
Keith F. Lynch - http://keithlynch.net/
Please see http://keithlynch.net/email.html before emailing me.

Ben
--
Ben Yalow ybmcu@xxxxxxxxx
Not speaking for anybody
.

Relevant Pages