RE: FWD (TLCB) The Death of TCP/IP - Why the Age of Internet Innocence is Over

From: Miriam English (miriam@werple.net.au)
Date: Sat Aug 11 2001 - 18:45:43 MDT


At 10:32 AM 11/08/2001 -0500, Harvey Newstrom wrote:
>Terry W. Colvin wrote,
> > There's a good opinion-piece on the future of the internet, by Bob
> > Cringely.
> > < http://www.pbs.org/cringely/pulpit/pulpit20010802.html >
>
>The real problem with Microsoft is that their e-mailer automatically runs
>software some anonymous person sent you in e-mail without asking. All these
>viruses could easily be stopped if Microsoft would just pop up a window and
>say, "Unknown person just sent you an unsolicited program that wants to make
>unknown modifications to your PC. Do you want to run this program? [Yes]
>[No]" But Microsoft doesn't want to do this because many of their programs,
>such as Microsoft Project, use these remote-control programs to make updates
>on different PCs from a central location without bothering to include any
>security to make sure the instructions come from a trusted source.

Yes, MS's Outlook email program is a major problem (though not the only one)
but deciding on whether the item comes from a trusted source is not the
solution as most recent viruses use MS Outlook to email themselves to the
people in the Outlook address book. This means that the most dangerous
attachments can easily come from people you know and trust.

<snip>

>I disagree with Cringely that allowing access to raw sockets is dangerous.
>All this means is that networking software is easier to write under Windows.
>Instead of limiting network access to secret system calls that only
>Microsoft engineers know, they are now allowing other software vendors to
>write networking code for Windows. This will allow new network software to
>be written. Some of this software may be in the form of viruses or worms.

It is already not terribly difficult to write networking software on a
Windows PC without access to raw sockets. As I understand it, raw sockets
give the programmer control over every aspect of the packets they send. At
the moment if you want to send, say, a UDP packet then the operating system
makes it easy for you to do that; it creates the headers for you and you
just give it the data you wish to stick in it. Raw sockets give you the
ability to forge the headers so that you can make it look like your packet
came from anywhere, for example from Harvey Newstrom's IP address. This is
a real worry when they start doing very illegal things.

><snip> We already have this ease of
>network programming on Macintosh, OS/2, Linux and other Operating Systems.
>Only Microsoft had previously tried to block programmers from accessing
>their own PCs. We haven't seen those other platforms becoming hacker
>favorites.

MS machines are so insecure that blocking people from raw sockets is a good
idea. If they became as secure as Linux machines then most of this problem
would evaporate. Random programs are not allowed access to raw sockets on
Linux, from what I understand -- they need super-user (root) status. I
don't know enough about the Mac and OS/2 to be able to comment on them.

>There is nothing really new in Microsoft XP that hackers
>don't already have if they wanted.

Every XP machine that is open to the net without adequate virus/worm/trojan
protection becomes a potentially untraceable source of Denial Of Service
flooding via zombies using forged headers. (Read http://grc.com/dos/ for
information on why WindowsXP is a special security concern and particularly
http://grc.com/dos/grcdos.htm for a vivid understanding of the zombie danger.)

><snip> This system [universal ID]
>is already in place. Hackers may be able to work around this system or any
>new system of identification.

OK. Burglars can get around any security system. Do you leave your front
door unlocked or open when you go away on holidays? Why not?

It is the same with security on PCs. You can give up on security and make
it easy for every idiot script kiddie, or you can progressively lessen the
danger. You Yanks have a saying, that the price of freedom is eternal
vigilance. That is very true in this case.

>Besides any hacker that we are trying to restrict could hack their own
>machine's security to get access to their own hardware.

But they don't, and that is precisely the point. They *could* even write
their own comms from scratch and have access to their own raw sockets, but
they don't, because most of them are vandal twits with less than half a
brain to share between them. (I speak of crackers -- not hackers. Hackers
are wonderful people that we owe the entire net and much of our computer
architecture to.)

>Cringely's call for new protocols, APIs, interfaces and the like are silly.

You have misread his article. He is actually arguing against new protocols.
He wants us to make better use of what we have now. He makes no suggestions
for new APIs or interfaces.

Cheers,

         - Miriam

---------=---------=---------=---------=---------=---------=------
Q. What is the similarity between an elephant and a grape?
A. They are both purple... except for the elephant.
---------=---------=---------=---------=---------=---------=------
http://werple.net.au/~miriam
http://members.optushome.com.au/miriame
Virtual Reality Association http://www.vr.org.au
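
Added example, not part of the original message: a Python sketch of the distinction the message draws between an ordinary UDP socket, where the operating system writes the headers, and a raw socket, which Linux grants only to privileged processes. The function names, payload and loopback address are constructed for illustration.

```python
import socket


def kernel_filled_source(payload=b"constructed test payload"):
    """Send one UDP datagram over loopback with an ordinary socket.

    The program supplies only the payload and the destination. The
    source address and port in the headers are filled in by the kernel,
    so the receiver sees where the datagram really came from.
    Returns (source seen by the receiver, sender's kernel-assigned port).
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx, \
            socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as tx:
        rx.bind(("127.0.0.1", 0))       # port 0: kernel picks a free port
        rx.settimeout(2.0)
        tx.sendto(payload, rx.getsockname())
        data, seen_src = rx.recvfrom(2048)
        if data != payload:
            raise RuntimeError("unexpected datagram on loopback")
        sender_port = tx.getsockname()[1]   # assigned by the kernel on send
        return seen_src, sender_port


def raw_socket_permitted():
    """Report whether this process may open a raw IPv4 socket.

    Nothing is sent; the socket is opened and closed again. On Linux an
    unprivileged process is refused (it needs root or CAP_NET_RAW), which
    is the restriction the message refers to.
    """
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_UDP)
    except OSError:
        # PermissionError (a subclass of OSError) when privilege is
        # missing; other OSErrors mean the platform does not offer it.
        return False
    s.close()
    return True


if __name__ == "__main__":
    seen, port = kernel_filled_source()
    print("receiver saw source:", seen, "sender port:", port)
    print("raw socket permitted for this process:", raw_socket_permitted())
```
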


