On March 12, 2004, in "Thumbs Up for Longhorn Security Lockdown", Ryan Naraine writes:

According to those in the know, Longhorn engineers are packing new technologies into the OS to check against a central patching Web service for security holes on computers. If a user does not have a patch installed, Longhorn's active protection technology will kick in to adjust the firewall or PC settings to block specific attack vectors without having the patch installed.

The operating system will then issue security warnings to the user and proactively block open ports or adjust registry settings to plug security holes.

Thumbs Down on Longhorn Security Lockdown

The vast majority of security breaches on Windows are due to the "default open" design of Microsoft's internet access and HTML technologies, and to the way they're integrated into the OS to such an extent that every program has to consider that any filename or object it's passed may be part of an exploit. As a result, instead of having a single security boundary around the one application that deals with potentially malicious data, every program in the system is responsible for re-implementing the security model that should have been established by Windows.

There are only two possible paths forward: one, rethink the fundamental design of the user interface and separate the system into two parts to isolate the problem as much as possible to a small collection of objects that are sand-boxed and thus trusted to deal with potentially malicious data; or two, add more and more layers of aggressive security to try and keep patching holes as fast as they're found.

Almost ten years ago, when Microsoft started integrating the browser and the desktop, I managed to get Internet Explorer, Outlook, and other applications that used the same interface banned. Over the next several years we continued to use Windows and other Windows applications and tools, and we took a relatively lightweight approach to security other than banning IE. Result? Occasional single-workstation virus alerts, almost never an infection beyond one user's machine... and a large percentage of the time it was a user running Outlook "unofficially" that caused the problem. Far fewer problems than my counterparts at sites that imposed heavy restrictions but standardized on IE.

So, almost ten years ago this problem was obvious to my non-genius-level brain. I've been warning people that things are just going to get worse from both sides - system reliability and system security - until Microsoft stops depending on patches and rethinks their fundamental design. And where are we now?

"Some people are going to scream bloody murder that 'Big Brother' is watching and taking control of their systems but, if they don't care enough to keep their systems secure, then they have lost that right to complain," McLaws said.

Big Brother caused the problem, and is using the problem as an excuse to take more and more power into itself. If you don't care enough to take control of YOUR OWN SYSTEM and choose secure software in the first place, well, when one Robert McLaws ends up with his heart monitor offline (to borrow the example from RISKS) because it was running unpatched Longhorn, it'll be too late.

I have a better idea...

Lynx-enhanced by <peter at taronga.com> (Peter da Silva)