On Sun, 18 Jan 2004 13:29:44 -0600, "Carey Frisch [MVP]"
The only "weakness" to Windows XP sometimes resides between the keyboard and the
chair facing the monitor. Some folks fail to download and install the critical updates
that are available free from the Windows Update website.
[*1]
They all fail to follow common sense security practices to keep their system secure.
[*2]
Good spin, weak content. There are things that NT won't do that Win9x
or non-MS OSs can do; these may or may not matter to the user.
For example, NT won't run DOS or old Win16 apps as effectively as the
OSs on which these are based, or the Win9x series of OSs.
The differences between NT and Win9x diverge once you se NTFS in NT.
This is the rock on which much of NT's security rests, but it's no
protection to attacks that run beneath the file system level of
abstraction (e.g. via a malicious Boot.ini-linked boot image file, or
natural hardware disasters at the raw sector level).
NTFS brings its own weaknesses to the party, which come as a shock to
consumers used to Win9x; no maintenance OS, no access from DOS, no
ability to formally clean malware (i.e. without running the
possibly-infected HD's code first), no easy data recovery, no
interactive file system repair tools. That's one very naked emperor.
If you take "weakness" specifically in the security sense, then the
relationship between NT and non-MS OSs is Venn. There will inevitably
be different weaknesses applying to both, given that the basic
concepts and implimentation will be quite different.
For example, as I understand it, UNIX and Linux tightly map
permissions to the file structure itself, so that there's a hard
relationship between who you are, and what part of the directory
subtree you are allowed to access. This is clear and powerful in some
ways, but restrictive in others; the MS security approach unlinks the
concept of "user" from the subtree, i.e. there's no "root" etc.
Now for those footnotes...
[*1] Some code bases don't have embedded defects that make them
unroadworthy for the Information Highway (e.g. the RPC hole exploited
by Lovesan et al, which has been carried forward from at least NT 4.0
though countless Service Packs and two major version overhauls).
[*2] This safety-obliviousness may be built into the OS. How else
could one possibly justify:
- a replacement for .ext (icons) that allows the most dangerous
file types (.pif, .exe etc.) to define their own icons?
- running HTML scripts within "don't worry, they are only harmless
text files" cookies - BY DESIGN ?
- granting unsolicited email "message text" the same autorunning
scripting rights as web pages you choose to visit?
- allowing dropper attack in any shared root (\Autorun.inf) or
any shared directory ("View As Web Page")?
- mandatory full-access shares of the startup axis?
- autorunning macros in "document files"?
- auto-binding File and Print Sharing to "the Internet"?
- autorunning raw code file attachments without sanity-checking
the file .ext against the claimed MIME type?
- autorunning material which is internally at variance with
the .ext, e.g. Word macros within .rtf files?
- a file protection system that alerts users deleting an .exe,
but not when deleting a .dll shared by multiple applications?
- a file browser UI that buries "do these often" tasks such as
Scandisk, Defrag and Backup under Properties, Tools but
leaves FORMAT in the middle of the top menu tier?
- using a single indivisible subsystem to run both local
processes and requests from the 'net? (RPC)
Many of these polyanna problems apply to NT as much as Win9x; in fact,
some (admin shares) exclusively so. A user can't "just say no" if the
software never offers the question
--------------- ----- ---- --- -- - - -
Dreams are stack dumps of the soul
