Virus Issue 2

Andre Truter andre.truter at gmail.com
Sun Mar 27 09:32:55 UTC 2005 

On Sun, 27 Mar 2005 18:31:21 +1000, CB <ubuntu-users at crispin.cb-ss.net> wrote:
> Andre Truter wrote:
> >
> >
> >
> > One of the main problems are that Windows is based on DOS, which was
> > designed as a single-user, non-networked OS.  As Windows evolved, it
> > was never re-written from scratch, they just built security layers on
> > top of the insecure base and the security is based on additional
> > software running, it is not implemented in teh kernel or filesystem
> > itself.
> 
> Andre, this is true of the Win95 family, but not true at all of most
> Windows OS's running today. XP & Server 2003 are build on NT, which was
> built using the latest technology of its day. NT and it's successors
> have nothing at all to do with DOS. DOS programs run on it via a
> distinct subsystem.
> 

NT still had 8-bit portions of DOS in it.  NT was not built totally on
DOS, but they did use some parts of DOS code.
I think the first Windows that did not have any 8-bit code in was
Windows 2000, but the disign is still based on the flaws of NT.

Maybe Longhorn will prove to be different as it is supposed to be a
rewrite from scratch, but we will have to see.

[..]
> 
> Be critical of MS, by all means (I am, and no longer use a single MS
> product, for anything). But advocacy is  at its most powerful when it's
> fair.
> 

I know that Windows can be managed quite well and secure, especially
with servers, as you don't have to deal with enemy #1 : users.  (I
mean, that users don't fiddle with the system)

But I still think that the design of certain parts of Windows is just
opening up doors for virus writers, etc.
You can use VB to write a program that can do anything on a system by
using ActiveX controls and OCX components.

Linux has been designed to not allow stuff like that.  The application
needs to be run as root to have access to any system resources, except
if there is an exploit but in Windows you don't even need an exploit
to do this.

It does look as if Windows 2003 is a big attempt to counter this, but
the security is still not applied by the kernel of filesystem, but
rather by applications runnning close to the kernel or plugged in to
the kernel. At least this is the way I understand it.

I am not out to just bash Windows, I am just trying to explain why I
think viruses has been running wild on Windows, but on no other
operating system.
Hopefully MS will really put an effort into security with Longhorn, as
all thier previus attempts has proven to be futile.
Or am I wrong here?

-- 
Andre Truter | Software Engineer | Registered Linux user #185282
ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.za.org

~ A dinosaur is a salamander designed to Mil Spec ~

More information about the ubuntu-users mailing list