Archived posting to the Leica Users Group, 2001/12/28
[Author Prev] [Author Next] [Thread Prev] [Thread Next] [Author Index] [Topic Index] [Home] [Search]on 12/28/01 4:02 AM, Eric at ericm@pobox.com thoughtfully wrote: > In what way? > > Yes, I saw that's what the media reported. Yes, I saw that's what the FBI > said. > > Windows XP threatens the poor schmucks who buy it. Windows XP is not a > threat to the internet. It's none of the FBI's business. > > > Eric Allowing the take-over of large number of computer systems by any hacker or group of hackers (I'm using hacker in the malevolent mode not the description of an adroit programmer) allows wide-spread denial of service attacks on infrastructure components that make the internet work. Any large number of computers which can be taken-over and used (as the plug and play "feature" of XP allows) in this way, esp when connected to broadband connections, can bring whole segments of the 'net down or profoundly limit its usefulness. Think of it this way: what effect did grounding all air traffic have on the United States? Well wide-spread distributed attacks through unguarded XP systems (or any other system so exposed) can have the same effect. Because this type of attack would be distributed in nature, and because it could happen without the knowledge of the owner of the computer, it would be difficult to counter quickly and the overall effect on the internet as a whole could disasterous. Another, specious, analogy: imagine flooding the toll roads around any metro area, say Chicago or the bridges in the Bay Area so that cars were unable to pass. That's what an attack against the routers that make the 'net work could do. I find the analogy unsatisfactory but the underlying problem: of being able to flood many different parts of the net with requests is one example of the kind of disaster the security blunder in XP makes not only possible. Can other systems be taken over? You bet, but not in the same way that XP can. It's just TOO easy in XP. Microsoft didn't think through what they were doing. So it's not like making it a federal law to keep your house locked. It's about putting an easy to take-over system where it can do an immense amount of harm to the nations economy. Messing with e-mail and other networked traffic could make a serious mess of things. It's the price we pay for having the net designed the way it was as a cooperative linkage between computers. If Apple had done the same thing I'd have been just as upset with them as I am with Microsoft. Fortunately MacOS was designed with VERY limited networking that is difficult to attack and the underlying layers of Mac OS X are based on FreeBSD which is noted for its security - it's a difficult system to hack into if set up properly and Apple went to great lengths to make it difficult to set up IMPROPERLY: for example the highly privileged "root" or system administer account doesn't exist unless a knowledgeable user turns it on. So I would suggest that it IS in purview of the federal government to rap Microsoft, or ANY OTHER VENDOR, who makes systems with huge security holes that can lead to destabelizing the internet. This is a relatively shallow reply, in part because my days as a network administrator are long behind me, and in part because the issue is relatively technical. It has been discussed at length on The Register and on slash-dot.com Best regards, Adam Bridge - -- To unsubscribe, see http://mejac.palo-alto.ca.us/leica-users/unsub.html