Gates: 'You don't need perfect code' for Security 593
securitas writes "ITBusiness has an interview from the Microsoft Professional Developers Conference where Bill Gates says 'You don't need perfect code to avoid security problems.' Instead he suggests that users acquire and properly configure firewalls and make sure that they keep their software patches up-to-date. Considering that Microsoft says it is focused on security, the comments from the Chief Software Architect aren't inspiring, especially beacuse the underlying attitude seems to contradict the idea of well-written, secure code. What kind of message does that send to the developers who work for Gates?"
Since when is Bill Gates a security expert? (Score:5, Insightful)
are confusing microsoft's success in general with Technological
superiority.
I find it interesting that *anyone* would care what Bill Gate's
opinion is on security. The volume of critical problems reported, and
of actual viruses and worms that have spread across the internet
lately should've been enough to indicate that microsoft doesn't have a
good understanding of security in general.
His argument is an interesting point of view though. It sounds to me
like he's saying microsoft doesn't need perfect code because people
can just install firewalls. What if the code in the firewalls in turn
isn't perfect though? Doesn't that leave us in an insecure position
again? What about the e-mail scanning software? What if it misses a
virus? Shouldn't you have layers of protection, instead of an outer
layer of protection and a soft underbelly?
Of course he is shifting the burden back to the users of the software
again. If only they had our firewall product and a good e-mail
scanning software package, and if they kept their software up to date
none of this would've happened.
Of course if they didn't ship their software with nearly every service
turned on by default, and everyone running as root this wouldn't have
happened either, but let's not trifle with details.
I really liked the part at the end where he comments that all the
viruses and attacks on microsoft's os are really a compliment.
You keep telling yourself that Bill.
Re:Since when is Bill Gates a security expert? (Score:5, Insightful)
The part about it "being a complement", which i dont really agree with, is based on the fact that windows is high visibility, so it gets the most attention from virus writers.
The whole argument is silly though - windows is what happens when you have a desktop only operating system and transition it into a network enabled system. You end up with design flaws (everyone runs as "root") and security holes.
Re:Since when is Bill Gates a security expert? (Score:5, Informative)
It's roughly analogous to insisting that Unix permissions make harmful worms and viruses impossible, except less false.
Re:Since when is Bill Gates a security expert? (Score:3, Insightful)
Perfect code is approached asymptotically. That is, you'll never fix all of the bugs/holes/etc.
But an OS that has been refined for 20 years is further along the curve than a brand new OS that has just been released.
This will bite Microsoft sooner or later.
Re:Since when is Bill Gates a security expert? (Score:5, Interesting)
"It is axiomatic that every program contains at least one bug and can be reduced in size by at least one instruction, therefore, every computer program can be reduced to a single instruction which does not work."
There's the singularity on your asymptotic curve
Re:Since when is Bill Gates a security expert? (Score:5, Insightful)
Of course that's only true for varying degrees of "no". There is perfect software that has no bugs, but it's extremely expensive and difficult to produce. You need integrity checks at every single layer of development to ensure that nothing added compromises the code already in place. IMHO Windows should be scrapped and a completely new code base developed from the ground up with security in mind. Security is not something you can tack on as an afterthought, it MUST be implemented at the earliest stages of planning an application or you've already lost the battle.
Re:Since when is Bill Gates a security expert? (Score:3, Insightful)
Your DRM schemes are an example. Just because an encryption scheme can be cracked doesn't mean there's a bug! If the DRM's underlying encryption scheme were, for example, to encode every byte as the negative of itself, and then one just hoped nobody would figure it out, that would be ridiculously optimistic, but it wouldn't be a bug. The code itself could be a
Best excuse for code bloat (Score:5, Funny)
I mean, people act like some other systems don't have vulnerabilities; actually all the forms of Unix as well as Linux have had more vulnerabilities per line of code.
Now, that is the best justification for MS code bloat I have ever heard. It reduces your security vulnerability density!
Re:Since when is Bill Gates a security expert? (Score:5, Insightful)
I agree that many security problems in both unix and windows come from poor application design.
Compare designs between qmail and sendmail. qmail is a properly constructed unix application that takes advantage of all the facilities unix provides. sendmail is a blob. bind also suffers from being a blob. sendmail and bind alone account for a good portion of unix related vulnerabilities.
Bind and sendmail are applications in the unix world.
Unix and Windows may bother be at heart very solid designs. Remember though that microsoft isn't just responsible for the operating system, but for many of the most popular windows applications as well. IIS, Office, file/print services, exchange, etc.
Microsoft goal has always been integration. Integration and Security are opposing goals.
Single sign-on is a good example. To prevent someone from entering their password each time they want to utilitize a secure resource, you ask them for their username and password once and then cache the username/password. By doing this, you have sacrificed security for integration. The cache acts as an integrated security service that transparently lets any program that runs act with your full authority on all security resources that you are permitted to utilize for as long as your credentials remain in effect.
Re:Since when is Bill Gates a security expert? (Score:5, Insightful)
Perhaps in theory Windows has now been layered to an extent that it could function similar to UNIX, but in practice MS continues to prefer lots of functionality over security. And as the interview shows, that attitude comes down right from the top.
Re:Since when is Bill Gates a security expert? (Score:3, Interesting)
To a point, Billy boy is right. The users (and/or admins) need to know how to set things up in a secure manner. But this is only half the problem. The other half is having a platform that is designed with security in mind, and having tools that are properly designed as well.
I have personally setup remote file system access securely under unix. But I'm sure you don't care about that, I'm not an 'avera
Re:Unix is difficult, Windows is easy to use (Score:5, Insightful)
That a computer system's administrator should be fairly intelligent, able to read and learn how to do new and complex things and stay up to date with technology.
What the hell were we thinking....??
Re:Since when is Bill Gates a security expert? (Score:5, Interesting)
Do you think Administrator or LOCALSYSTEM on a box can't do
anything root can ? Change ownership of files to an arbitrary
SID (that's a lie in the Microsoft docs, claiming that can't
be done, I wrote a Win32 program to do just that about 11 years
ago
What you are complaining about is NFS, not UNIX.
Stop comparing *one* of the remote file system protocols in
the UNIX world with UNIX itself. And stop claiming that Windows
is architectured any differently. You're simply repeating
Microsoft propaganda, and people who know better will point
out you're lying. You're lying btw.
Jeremy.
Re:Since when is Bill Gates a security expert? (Score:5, Informative)
He was talking about how important it is to have secure code, and all the initiatives they have to fix security holes.
He also talked about how fast worms are spreading these days. Patching is not going to be sufficient - a bug discovered and posted will turn into a worm hours or days before Microsoft will respond with a patch. By then it'll be too late.
One born every minute! (Score:2, Insightful)
Microsoft's expertise is controlling the market, not writing code.
Re:Since when is Bill Gates a security expert? (Score:5, Insightful)
Just because their code is bad doesn't mean they don't understand security, it may just mean it is not profitable to write perfectly secure code.....and they get money from upgrades :)
Re:Since when is Bill Gates a security expert? (Score:4, Insightful)
I've said it before (even though I don't like to), but Bill Gates is not an idiot. He's a pretty intelligent guy who is more than capable of understanding computer security. But, for some reason he choses not to implement it in his software.
Re:Since when is Bill Gates a security expert? (Score:5, Insightful)
Three parties are responsible for providing a secure computing environment:
- The software creator or vendor: needs to code carefully, to test exhaustively, to debug, and to audit.
- The exploit writer, releaser: ought to publicize the vulnerability by describing it and illustrating protection measures before hammering the world with a working exploit to illustrate the deficiencies of the other two parties.
- The user hooking up his purchased system to the net. Should be listening to the other two parties about what's vulnerable, how to mitigate it in the short term and patch for the long term.
I see all three parties not wanting to fulfill their responsibilities and trying to shift blame on to the other two parties.Until Bill Gates starts to act more like Theo de Raadt, I don't belive he's upholding his part.
Not only that (Score:5, Insightful)
I'd say two things to him. First, the only completely effective firewall is the one where I unplug my computer. Assuming you leave a port open, that's a possibility for an attack. Second, all a hacker needs is a proper buffer-overflow in a user program that employs that port, and it's fun time. I'm sure Internet Exploder etc wouldn't apply there. No, not at all.
He has a point in that firewalls have to be a large part of the solution. However, the idea that I can write the world's shittiest code and this is OK because I have a firewall is ludicrous.
Naturally, all this assumes you don't buy your firewall software from MS. That would be pretty funny.
Re:Since when is Bill Gates a security expert? (Score:4, Insightful)
His argument is an interesting point of view though. It sounds to me
like he's saying microsoft doesn't need perfect code because people
can just install firewalls. What if the code in the firewalls in turn
isn't perfect though? Doesn't that leave us in an insecure position
again? What about the e-mail scanning software? What if it misses a
virus? Shouldn't you have layers of protection, instead of an outer
layer of protection and a soft underbelly?
This in and of itself proves that Mr. Bill does not have a clue, not only about security but about how the recent worms propogated. Firstly, firewalls are not a panacaea. They only protect from extenral threats. They do not protect against internal threats or trojans/viruses/worms which are brought inside. They do not protect you when you have a worm/virus infected computer connecting to your network via VPN remotely or which is brought inside after being infected. They also do not help you if there is a vulnerability in a core world-facing service like, say, IIS.
These things should be intuitively obvious to the meanest of minds, but are beyond Bill Gates' understanding. Further, he has put the lie to his earlier promise of better software. Now that security firms have been paid off not to report Microsoft holes that they do not deign to fix, Microsoft seems to be ditching the whole idea of writing secure code. It's not as though it was anything more than a marketing ploy in the first place, but now he has pretty much told us that Microsoft will write crappy software on purpose because they don't believe that software has anything to do with security.
If you continue to use Microsoft products after this, well, I guess you get what you deserve.
Re:Since when is Bill Gates a security expert? (Score:5, Insightful)
More importantly; A firewall -- depending on the situation -- prevents access to some ports, and allows access to others.
When data can be transfered through the firewall, you now depend on the program servicing the port to be secure. If it's not, the fact that there is a firewall in place won't matter since it's out of the picture.
Who is Bill Gates? (Score:5, Funny)
I would like to hear what a real security expert like Jeff Goldblum had to say, though. After all, he managed to interface a Mac with an Alien computer. I mean, he's no Sandra Bullock, but he's still a pretty good "hacker". (That's the correct term, right?)
Re:Since when is Bill Gates a security expert? (Score:5, Funny)
More to the point, what if the firewall RUNS ON WINDOWS??
It sounds to me like Bill Gates has just become a strong advocate of Linux/*BSD/UNIX based firewalls. Tee hee hee....
From the Windows XP "Getting Started" book (Score:3, Interesting)
There's a line between convenience and leaving the whole system completely open. This is on the wrong side of that line.
What kind of message? (Score:2)
Re:What kind of message? (Score:2)
"Sometimes imperfect code is better" (Score:5, Funny)
Answer to Last Sentence From Title.... (Score:2)
That's why Outlook is so *cool*.
T.
As an SSL developer (Score:5, Interesting)
Majority of security issues come not from buffer overflows in the application code or similar stuff, but from dumb users clicking on e-mail attachments and downloading wicked screensavers.
Ever ran Spybot through a typical home user computer? Middle-aged women seem to be the worst offenders, Spybot and Ad-aware have pages and pages of stuff that the user usually isn't aware about.
Re:As an SSL developer (Score:5, Insightful)
Of course they are. They tend to be trusting and don't realize that perfect strangers are more than willing to screw them into the ground. But the OS doesn't need to be a welcome mat for these problems. There are some very basic things that MS could have done to make Windows secure enough that being a trusting user doesn't put the entire system at risk.
To make a analogy that fits users of this level and background, your point is like saying that cars are less likely to get stolen if the doors are locked and blaming said car owners for because their Fnords are getting stollen because they haven't locked the doors that Fnord didn't bother to install in the first place.
Re:As an SSL developer (Score:3, Insightful)
Why? Because the manufacturers put in a switch which makes it hard to do it. The blade won't operate without the lid on.
Now you CAN work out a way to remove the guard and cut off your fingers...if you really want to.
If Windows had been a little better thought through, they'd have locked it down, done more sandboxing and helped people run it in idiot mode, or allow people who know what they are d
Re:As an SSL developer (Score:3, Interesting)
And you (like me) probably know a lot of the tricks of hackers and how to protect yourself with Firewall, Anti-virus, not downloading .exes sent in the mail, patching, whatever.
A huge number of people who don't work in the computer industry or have office jobs don't.
The following could all be delivered via Java Applets within a web page: email, office, games, small business accounts, graphical design, instant mess
We don't need perfect code for security (Score:5, Insightful)
For the rest of us, however, security starts with the code.
I have 2 words for Mr Gates. (Score:2)
Re:I have 2 words for Mr Gates. (Score:2)
Okay, thanks for posting!
Sooo. (Score:3, Insightful)
Yeah. You can use firewalls(cough). That's why Unix is the Internet OS.
What about the Firewalls? (Score:3, Insightful)
Do we string together a series of firewalls in the hope that the code problems don't overlap?
Re:What about the Firewalls? (Score:2)
Re:What about the Firewalls? (Score:4, Funny)
There is no way that should be possible... (Score:3, Insightful)
If a computer in the act of being installed is exposed to the net unprotected, your System Admin's need to be dragged out and shot.
If it's getting infected by an infected computer INSIDE the corporate firewall, your IT department needs to be dragged out into the street and shot.
There is absolutely NO GOOD REASON that a computer should be freely attackable in a corporate environment unless the IT Department is grossly incompetent.
Read into it what you want (Score:5, Insightful)
Look at me, I'm just going to get the latest debian iso and install it and not worry about anything!
Look at me, I'm just going to go buy a car and not worry about locking the doors or using a club, because I expect that the ignition system is tamper proof.
Don't blame the architect when someone comes through an unlocked window in your home and steals your stereo.
No, you don't need perfect code. Linux has no "perfect code". If it did, Linus et al would be finished and have moved on to other things.
I dont rely on Linus for security, I don't rely on Bill Gates for security. At the end of the day, it's my system, and it's up to me to take steps to protect it.
Re:Read into it what you want (Score:5, Insightful)
Joe SixPack either does nothing or sues someone.
Re:Read into it what you want (Score:2, Insightful)
Too bad most people who use computers don't know what steps to take. Even with Windows Update enabled to run automatically, people won't have secure computers. It is the responsibility of the car makers to make cars safe, should it not be the responsibility of operating system makers to make desktops safe?
Unfortunately, without government intervention car makers wouldn't have made their cars as safe as they are today by them
Re:Read into it what you want (Score:5, Insightful)
You might be a college graduate, hell a professor when it comes to security. You might have an understanding of every open cryptic algorithm in use today. You just might have learning and experience which has engraved security processes onto your heart.
But then, there's the rest of us. I'm a simple web/graphics designer. I don't even know how to compile a program. The most complicated things I produce are script. In the technical arena my contributions are child's play. As a long-time windows user, I had no concept of security. It was accepted fact that I had to patch and run process sapping virus scanners to prevent what was inevitable anyways, the infection and subsequent re-install of my operating system.
In the last year, I switched to Linux. Debian, first, now RedHat 9.
It's Linux that taught me security. It's Linux that gave me a better understanding of how ports work, how services can be hijacked and used to tamper with your machine, how random programs can degrade my security, how running as root is like volunteering my machine to be a DOS attack zombie.
Linux isn't inherantly secure due to superior code (don't get me wrong though, I strongly believe Linux utilizes superior code). It's inherantly secure because it conditions its user to consider security. Debian and RedHat taught me where vulnerabilities can exist in my operating system, and how to account for them.
Thanks to Debian and RedHat, my Windows box is more secure as well.
I may not have the safest internet-connected box on the face of this earth, but I can rest assured I'm in the top 10% when I'm using my Linux-based operating systems.
Security is a process not a state (Score:5, Interesting)
There is no such thing as software without bugs.
There is no such thing as an operating system without vulnerabilities.
No scan will find all the holes.
No firewall will protect you from all attacks.
No patch will fix all your systems.
No intrusion detection system will catch all breakins.
No employee screening process will weed out all the criminals.
No employee training program will eliminate all employee mistakes.
Security cannot be purchased.
Security cannot be achieved.
The security process is a checklist of items that should be evaluated and expanded periodically.
Continuously and actively search for vulnerabilities. If the cracker knows about the hole before you do, you have a problem. Run scanners, hire people to test your security.
Read security advisories, keep systems up to date with the latest patches, consult others who also try try to keep their security bar high.
Take preventative measures: install a firewall, train employees to use secure practices, implement stricter checks and balances.
Detect problems with intrusion detection systems. Put up honeypots and tripwires. Enable logging.
It scares me, but Microsoft is right.
Re:Security is a process not a state (Score:4, Insightful)
Your thinking is one of the reasons that security is often breached. It is not possible to think about computer security without securing the computer physically. The security process requires holistic thinking. You cannot just dismiss ways to bybass security with a "well, of course somebody could do that". A cracker may find it easiest to get in via the wire, but a determined cracker won't stop at that. Unless you are thinking of every way to break in, just like an attacker would, you have vulnerabilities.
There are other ways around the wire as well. What if your mother (child, significant other, friend, employee) were using your computer (you let them while you aren't home), and somebody calls you and impersonate you or claims to be a friend calling on your behalf. The attacker has her go to a website, download a program, and run it. The program reads your private data and sends it. Do you expect Microsoft to prevent this type of attack? There are some things you can do to lock a system down so users can't install and run software, or upload to the internet, but it is a hard problem to solve.
Re:Read into it what you want (Score:5, Insightful)
I have a car. Even though I locked the door... it fell off.
Basically what I'm saying is that the basic of security that the manufacturer should provide isn't functioning. Of course I could always use 'the club' but the door shouldn't fall off the hinges.
Of course if you wanted a true analogy of what Windows security is like:
You can lock the doors - but the door locks are hidden and my mom couldn't figure out how to do it and the doors come unlocked by default. Even if you lock the doors the windows are always open - and there is no way to close them without buying the windows rollers yourself. If somebody gets into your car not only can the ignition be turned by any basic screw driver but they could blow up the entire car - including the engine by using easy to use functions from within the cabin of the car.
Now take OS X (I haven't used Linux in a while so I'm more familiar with OS X)
Your car comes with the doors locked by default. The windows are all rolled up. If somebody DOES get into the car - they can trash the cabin but can't destroy the engine.
Re:Read into it what you want (Score:4, Interesting)
I think security should be important in _all_ phases of product usage, not just the user. It should be important in design, coding, testing and actual use. Any weakness in those four reaps a weakness in the entire product.
It is important for the user to take proper steps but that doesn't releave any product maker from their end of the responsibility of properly designing and producing secure code. Yes, the user should take steps but then being a user of any particular piece of software shouldn't be a "kick me" sign.
Gates isn't wrong; argument works against him. (Score:3, Insightful)
That's why I find free software to be superior to non-free software. With non-free software you must "rely on someone else to keep your computer secure" because only one person or organization has the source code and the legal authority to improve the software. If a program is Free Software for me, I get to choose how much time am I willing to spend developing the skill to improve my software to suit my needs. It doesn't mat
Re:Read into it what you want (Score:5, Insightful)
But would you buy a car that didn't even come with locks on the doors, and instead of needing a key to start the ignition you just had to press a big red button on the dashboard that says CAR GO NOW?
Microsoft isn't 100% responsible for making sure your Windows installation is secure. But at the same time, MS isn't ZERO percent responsible, either. They need to do their share.
Perfection (Score:3, Interesting)
Ironic (Score:2)
And what are home users supposed to do? Block off their e-mail ports so they can't get mail? That'll stop viruses for sure.
What he's really saying (Score:3, Insightful)
sort-of has a point (Score:3, Insightful)
The message: (Score:2)
Since you can't write secure code, we'll just pretend secure code is unecessary. And when they gets bugs and viruses, just blame it on the user for not configuring their firewall right. And prepare to be buried by an avalanche of patches in the aol-cd-level magnitude range.
Transfer of blame (Score:5, Insightful)
Its not the users responsibly to compensate for poor design, regardless of the product. Be it an unsafe car, or insecure OS.
Micro$ecure (Score:4, Funny)
By that logic, Microsoft software should be the securest software around.
Ironic (Score:2, Insightful)
Here is a guy who knows nothing about perfect code, nor security.
Reminds me of the child who keeps on flunking school responding to the first sign of criticism, "I don't have to be PERFECT, do I?"
Perfection is illusion (Score:3, Insightful)
"All code has at least one extra instruction and at least one bug. Therefore by extrapolation, all programs can be reduced to one instruction that doesn't work."
Right an Wrong (Score:5, Interesting)
The first sentence is correct -- or moot. The last is pure bullshit.
"Perfect" code is probably unattainable in complex applications. This is why things like firewalls, IDS, backups, etc. exist. Code should be made as good as possible, but dwelling on perfection will only pull your focus from other issues.
However, no virus or firewall in the world is gonna stop a cluleless user from clicking on an attachment and screwing their system. Virus scanners are mostly reactionary -- if it isn't in their list of malware, they can't find it. If it is a new way to screw users, and they click it...
EVEN if users have to jump through hoops like not executing from inside the mail program, saving it to the desktop, unzipping, scanning -- they'll screw something up. It is the nature of the beast.
Even with sandboxing -- good luck getting a user to execute the code in a sandbox first, every time.
Re:Right an Wrong (Score:3, Insightful)
Actually, the last point is worse than bullshit. It's downright dangerous.
One of the most important rules of security is: Don't engineer a single point of failure. The reason for firewalls et al is that we know that the software that they protect will be insecure despite our best efforts. That's why we put up an additional barrier.
Relying on firewalls because we made the software insecure and have no intention of fixing it is effectively engineering a single point of failure.
Re:Right and Wrong (Score:4, Insightful)
That's not to say that nobody will find a way to execute such a program. The problem with sobig, though, was that so *many* people ended up running it, because of how easy it is to do in mail programs.
Except many worms are spread through more than one means.
A real case I dealt with: the I LOVE YOU virus.
The ILY virus spread through local network shares and e-mail attachments. The parent office of a corp I worked for (2,000 PCs) was hammered with it. It took them two days to clean up.
Then, the next day, some idiot who originally *thought it was a real love note and saved the attachment to his desktop* executed it again -- out of the context of an e-mail attachment.
The shame and humiliation heaped upon him was enough to ensure he wouldn't ignore IT memos again. However, it brought the e-mail servers down a second day while it was fixed. Again.
In a LAN environment, all it takes is one idiot.
passing the buck (Score:2)
Looks like Mr Gates has been taking lessons... (Score:2, Funny)
"Rarely is the question asked: is our children learning?" [bushisms.com]
What if someone else said that? (Score:2)
Gates and numbers (Score:2)
This is not clear, but seems to suggest
(a) he thinks that 100/12 is close to 10;
(b) he thinks there are 57 (TM Heinz) or more vunerabilities yet to be found in XP but the intensity of attack has not been high enough yet.
This is the subject line. (Score:2)
BG is right, to a point... almost.
Good design will minimize the liability from imperfect code, but unfortunately, MS hasn't gotten to the point of admitting their design is the problem yet. When they do, this interview will mean something.
(Oh, and I'm sorry for the ridiculously lame subject line, but I'm finished summarizing for today. [grin])
Answer.... (Score:4, Funny)
That it's time to get more G5's because 18 isn't enough...
Silly Soccer Moms (Score:3, Insightful)
We're going to see some obvious responses to this post about the faults of closed-system software, but Gates does bring up a good point: It's hard to have a secure system if the end-user doesn't know what he or she is doing. It's like a car that you drive for five years without ever getting the oil changed; there is no patch for ignorance. And what's funny is: whenever a company tries to become more user-friendly, Windows, Macintosh, etc., the hardcore community gets on their case for it. If we could develop an open-source system with enough depth to satisfy the experienced users, but is easy enough to keep in control by the neophytes, then you could have a widespread, secure system.
Beware his Jedi Mind Tricks (Score:4, Funny)
(aside to Ballmer - "The Force gives power over weak minds")
Ballmer: "Um yes, the Force gives power over weak minds."
BillG: "Steve, stop that!"
Ballmer: "Um... Steve, stop that!"
He's right (Score:2)
Well that's solved (Score:2)
As long as everything is tunneled through port 80, not only am I safe (got a firewall) but also fully productive without the inconvieniences of a firewall.
I'm glad we have people like Bill Gates to solve all our problems for us.
(Yes, this post is a troll.)
Context (Score:2)
And, of course, you don't. You can just unplug it from the network.
More to the point, though, is what's required in terms of code quality for the context it's running in. Windows' evolution has been one of a desktop operating system becoming a network-centric operating system, whereas *nix's history has been the reverse. This, naturally, is the area where Microsoft has the most catching up to do.
And the real funny part is... (Score:4, Interesting)
How much trouble their products have when seperated by stateful firewalls. I mean, it wasn't until after AD was out for a bit that they realized you couldn't put a firewall between them and for large corporations, that wasn't acceptable. Now there is a bogus work-around, but ultimately W2K is horrible at dealing with firewalls inside the enterprise.
And the whole idea of a protected shell, soft middle has been destroyed by the likes of Nimbda, Nachi, etc. Eventually, someone gets past the outer shell.
We like to keep all of our satallite locations seperated by Firewalls, but as we started moving to W2K3 we found out Microsoft won't support our infrastrucure with internal firewalls...
Real nice Bill, thanks for the help.
Business mentality (Score:2)
Bill is right (Score:2, Insightful)
Linux code is not perfect and is secure.
Patching only protects against amateurs (Score:4, Informative)
From a military perspective, "patching" is equivalent to deploying your forces to protect against kids throwing rocks over the base fence. That won't help when an organized force attacks.
Re:Patching only protects against amateurs (Score:3, Insightful)
The Blaster worm was a good thing in that a major flaw which basically rendered permissions irrelevant is now fixed just about everywhere...
The recent RPC bugs have been around since NT 3.51. Do you honestly believe that real hackers have not been taking advantage of that fact for years?
Maybe he meant something else? (Score:2)
1) Microsoft makes code with lots of bugs, so protect yourself as if you were a sailor in Shanghai.
2) "I" (meaning BG) can't figure out how to make secure code. And since I'm rich, I will buy your company if you figure it out.
hmmm....
Left Hand, meet the Right Hand (Score:2)
Considering that Microsoft says it is focused on security, the comments from the Chief Software Architect aren't inspiring... What kind of message does that send to the developers who work for Gates?
The same message M$ has always sent.
"The left hand does not know what the right hand is doing, so once again you're on your own, folks."
Weaselmancer
Taking a page from George W. Bush (Score:2, Funny)
Gates is saying the more attacks and flaws that are exploited proves Windows success.
Do you believe either one?
Oh dear god... (Score:2)
br That's funny, I haven't ever seen a BSOD on my Linux machines? Every system has vulnerabilities Mr. Gates, the difference is that the people working on Linux/Unix FIX the problems...
A pat on the back (Score:5, Insightful)
seriously.
that does not follow. (Score:3, Insightful)
IS NOT
'you can't rely on perfect code for security'
First, imperfect code is a security problem. M$ has many flaws and they know it each time they ship code. The kind of problems M$ has extends to poor design as well, so it would break even if it were perfect.
Second, Bill's statement implies that his company never will get better. That's something anyone familiar with M$'s history and hype knows, but it's kind of in-your-face for him to put it
patch size (Score:4, Insightful)
In the US, where most people are still on dialup, how can anyone reasonably expect that people are going to download tens of megabytes of patches?
Microsoft should be mailing out free CDs with the latest patches.
Advocatum diaboli (Score:3, Insightful)
Once you recognize this, attention must turn from achieving some mythical perfection to dealing with the probable scope and impact of errors. Just for example, one good thing about languages like (e.g.) Perl and Java is that (absent major kludging) they are incapable of expressing a buffer-overrun bug, a category of possible bug in (e.g.) C which is single-handedly responsible for a majority of significant net security holes.
In other words, once you admit that your code will never be perfect, you are forced to consider how to limit the damage your imperfections can do, and that in turn steers you toward technologies, processes, and practices that help you with that potential-damage reduction goal.
In that sense, Gates is entirely correct that one key to maintaining a secure system is to limit the accessibility of unneeded ports (and the services possibly behind them) from the net at large. Yes, ideally, all those ports and services would be invulnerable to attack. But we know that we're not perfect, so we play it safe and use a firewall. It's classic "belt and suspenders" engineering.
There is certainly a lot to be said about Microsoft's culpability for the low quality of their products, particularly with regard to security. But that doesn't mean Gates was wrong to say what he said.
use a firewall? you mean, a badly coded firewall? (Score:4, Funny)
oh lordy.
this is their subscription business model (Score:3, Interesting)
They are pursuing a subscription based model which the regular release of software patches supports. Now users see regular patches for scary new security holes downloaded on a regular basis... I expect now that most people are getting used to it, that Microsoft will shorten its supported lifecycle for OS releases and require full upgrades... which of course you can get downloaded to your machine directly using a credit card.
Funny how Bill is using the Open Source community to help spread FUD about its own products which will then be used to help force regular costly upgrades on people.
Security concerns might cause some people to start using Linux Desktops, but the majority of people will just buy into a system of regular updates from Microsoft.
This is a no win issue for the Open Source community.
The evil is too strong to resist, the only way to win is to deny it battle.
Comment removed (Score:3, Insightful)
"Execute Permissions" on code blocks (Score:3, Insightful)
This would prevent most buffer overflow attacks.
I think it's correct to assume that you'll never--on a box where many companies can write software--have 100% perfect code. Having hardware at the processor and network level to add security is a fine idea.
Microsoft isn't too far off the mark.
he is actually right (Score:3, Insightful)
If Gates isn't/wasn't a coder, few of us are (Score:3, Interesting)
I couldn't google the link up quickly, but I started giving Gates credit as a coder when I read how his BASIC interpreter worked. I've done just a touch of assembly programming as a hobby, and Gates apparently, to save space, was able to cleverly reuse bits of the interpreter when newly written portions of his code matched previously written portions closely.
That is to say that he scoured the code he'd already written to see if there was any place he could JSR to r
Well...Bill's sorta right here... (Score:3, Insightful)
A good example is the number one favorite tool of the hacker, the buffer overflow. I don't care what OS you have, if you have buffers that can be overflown, you have insecure code. It doesn't matter what "user" the code is running as when it gets full access to your memory and command stack.
So use one of the dozens of languages that won't let you write unchecked code. And you can write as sloppy as you like -- nobody's going to be able to bust down that door. To be honest, i think in the next few years we'll see more of this sort of problem with LINUX than we will with Microsoft. Microsoft is trying to get everybody to write for a virtual machine in languages like C# and VB.NET (which is significantly less of a joke than you think it is). Whereas open source developers seem to pride themselves in sticking to archaic C code...shit, that language was old when I was in MIDDLE SCHOOL (in fact, the computer librarian would only let you check out books on C++). It's not "faster" in today's world, where machines are three clock cycles FASTER than the fastest common interconnect...coding in C is simply some bizarre combination of laziness and bravado. Hey, if you guys want to code in a masochist's language, there's always PERL. The rest of the time we should all be in C++ and Java wherever possible. Sorry if those overflow checks take
First true, then False. It's not enough! (Score:3, Insightful)
Actually, that's true. For security, you want to minimize the amount of code that's important for security, and the security-relevant pieces have to be right in the sense that they don't allow security to be broken. Even the critical pieces can be imperfect as long as the imperfections don't harm security. But there's a danger here - typically the bar is set far too low. My fear is that this will be interpreted by his developers as "slipshod implementations are still okay." Which is not true - the parts that matter, still matter.
Tools and security audits can help, as can firewalling and keeping up with patches. But that's not enough. Training developers how to develop secure software , and giving them the time to do, is probably even more important. I know Microsoft has done at least some of that, though I don't know how widespread it is and how well it's compensating for all the years they did not do that. Techniques other than the ones he's listing are frankly more critical, too. In particular, the system needs to be broken down into smaller, mutually suspicious pieces with minimal privileges, so that breaking one component doesn't break everything. There needs to be multiple layers of defense. The system needs less tight integration, and it needs to be easier to disable and remove everything not strictly necessary for a particular task. In contrast, firewalling is only a first baby step - his competitors (like Red Hat Linux) enable that by default as a starting point, and so Microsoft is only just catching up there. Besides, viruses are almost entirely an Outlook-unique problem, other systems are designed to not have that weakness in the first place. Patch management is important, but given Warhol worms, they won't be enough - if attacks take a few seconds or minutes, we won't be able to patch every system around the world fast enough.
I hope that Microsoft is doing much more than Mr. Gates is saying here.
Yes, remember folks... (Score:3, Funny)
Chris Mattern
Read the article (Score:3, Informative)
Taken out of context, what Gates said sounds ludicrous. You also have to remember that this was an off the cuff remark. Read the whole article and it makes more sense. His point is that despite the holes in Windows code, patches were provided prior to the hole being exploited and the people who patched their systems and had reasonable security (i.e. many layers) in place had no problems.
My experience would seem to support this. I see a lot of networks in my travels. The folks who are on top of things don't seem to have a lot of problems. The folks who aren't have lots of problems, viruses and otherwise. I would say that the quality and quantity of the people involved is more important than the OS that you run at this point.
The biggest problem that I see is IT departments that have people with insufficient skills. The right person with the right skills can make all the difference in the world. Many companies deploy systems in a haphazard fashion without thinking about maintaining the systems. Before you know it they have a big stinking mess that is going to cost a lot of money to clean up when it could have all been avoided if the right people had been involved from the beginning. Once the mess is there, they can't afford to go back and fix it. They have systems everywhere that aren't patched and were never locked down properly anyway. They have no way to centrally manage the systems and don't monitor their network traffic.
If you have your shit together and pay attention to detail, you can maintain a pretty secure environment with Windows. I would say that this is the same for most major systems out there. Look at the security patches available for Linux, Apache, and most other software out there. If you are lax then you likely have security vulnerabilities no matter what you have installed. There is no perfect code out there. Any complex system is bound to have holes.
I think that it is unwise to underestimate Microsoft. In the past, stability was the main issue. They have come a long way in improving stability. Now the main issue is security. It is going to take a couple of years but I would say that you will see a level of improvement that is comparable to the stability improvements seen in NT. It won't be perfect but it will be good enough to keep people buying.
Re:Perfect Code isn't possible (Score:3, Insightful)
Re:Perfect Code isn't possible (Score:3, Informative)
So he just said, yes we are trying our best, but it's not gonna be enough. That's a pretty fair statement regardless of the environment. Perfect code does not exist. You cann
Re:It suggests that all code has flaws (Score:2)
Once you open a port to a server, all data can flow in and out through the protocols specified. You really cant block "bad" tcp data if your server is accessable.
Re:1st. (Score:5, Funny)