Laser Blog

Articles tagged "security"

71 Who's in charge of your PC? - Part 2

Friday 13th April, 2007

Last year, I posted a link to an article about proposals by the Swiss government to surreptitiously install trojans onto people's PCs.

Now it seems that the German government has similar ideas.

German Interior Minister Wolfgang Schaeuble has confirmed plans to seek a change to the constitution to allow the state secret access to the computers of private individuals, in an interview published Thursday.

"Under certain conditions it must be possible for the Federal Criminal Police Office to search computers in secret," Schaeuble told the Handelsblatt newspaper.

To be honest I felt I was somewhat restrained in my analysis of the previous article. This sort of thing (surreptitious searching of a PC) can happen in two ways:

  • The government secretly installs a trojan
  • The vendor installs a backdoor

The problem with the first option is getting the anti-virus people on board. Only one of them has to step out of line (and proudly boast about it) to stop this from working. So this leaves the second option. With the second option (and with the first option, to be honest), only one or two possible candidate OSes spring to mind. Windows and MacOS. It simply isn't going to happen with Free/Open Source operating systems, because anyone can see the source and adjust it as they see fit. Furthermore, vendors who need to please their shareholders, and desperately want sales would love to have a "government approved" sticker on their product.

Either way, tech-savvy people will find ways around it. It's too risky not to, since crackers will find ways to use these loopholes for their own purposes - if there's a door, there will be a way to open it. By referring to the "tech-savvy", I also mean the people that the German government are supposedly targetting, so ultimately only the "innocent" will be running infected PCs. But as many of these types like to say when civil rights get eroded for political ends, "if you've got nothing to hide ..."

What the article really demonstrates is how stupid politicians and civil servants are when discussing anything other than their own field of expertise, which is politics, not IT. I wonder if the plans allow for police officers' and politicians' PCs to also be compromised in this way.

~

68 The problem with Vista (and more)

Thursday 22nd March, 2007

An interesting run down of Vista from The Inquirer. This is actually part two, part one is here.

The article repeats a few things that often seem to get overlooked or ignored:

Windows is a security nightmare. The reason we all get thousands of spams, the reason that we have to run virus and anti-spyware checkers that slow our high-power electricity-guzzling scalding-hot PCs down to the speed of the ones they replaced, the reason that the whole Internet is bogged down with sending all those spams, the reason that criminals hold websites to ransom for millions of dollars a year: it is all Windows' fault.

It's because of the hundreds of millions of compromised PCs that form zombie armies, sending spams, participating in distributed-denial-of-service attacks and so on, all without their owners' knowledge. They still work, they're just a bit slower. Who notices? Next year, you just buy a faster one. (With Vista on it.)

Depressing how people will settle for mediocrity, isn't it?

~

64 Vendor Has 'Conflict of Interest'

Friday 16th March, 2007

It's a "huge conflict of interest" for one company to provide both an operating platform and a security platform, Symantec Corp. CEO John Thompson said during a keynote speech at the Cebit trade show in Hanover, Germany.

The vendor is, of course, Microsoft.

I don't think there's any conflict of interest here at all. Well, maybe there is as far as the consumer is concerned, but does that really matter? Sell a deficient product, then sell another deficient product which purports to make the first deficient product less deficient. Hey, why bundle it if you can make an extra buck by selling it?

~

48 Gates “dares anybody” to exploit Vista

Wednesday 7th February, 2007

No OS is perfect, but Vista seems to have had it's fair share of exploits for such an unpopular OS.
Rob. April 2015.

Poor Bill. Is he feeling a little stressed, to be making such outrageous statements?

Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine.

He's a clever guy. What is his game?

~

42 Amusing Vista security claims

Wednesday 31st January, 2007

This article has been prominent in technology section of the BBC News page.

Windows Vista is "dramatically more secure than any other operating system released", Microsoft founder Bill Gates has told BBC News.

When I first read that statement, I burst out laughing. It had to be a joke. OpenBSD sprang straight to mind. It couldn't be a serious claim. Further on, the article says:

Security analysts have praised the improved tools in Vista but many feel that holes in the operating system eventually will be exposed and that Microsoft will continue to need to update it through online patches.

Well, you know what? The first service pack is already being built! That means that there are known bugs. "How long before Vista SP1 is released" = "How long before known Vista bugs are patched". Well, here's a rough guideline for you; with Windows XP, it took 11 months.

~