Warp wrote:
> On the subject of virus scanners in particular, I'd say that the very
> need to have such scanners is a symptom of fundamentally bad OS design.
While I agree it would be nice not to need such things, I don't think many
of the common OSes can do without it. Something like Singularity, where you
can't run code that does something "unsafe", where you have to reboot after
installing a new executable, and where every executable declares in the
manifest what system resources it'll need? Sure, much less virus-prone.
> The reason for this is that unixes have always been designed to be
> multi-user operating systems while DOS/Windows has been designed to be
> a single-user OS with no regard to security.
And yet, I got a virus from a web page while running in a non-privileged
account under Vista. (The first malware I ever contracted myself, on
any system since 8-bit computers, I'll mention.) Nowadays, malware attacks
individual accounts. You hit a web site, some bug in Firefox lets some piece
of Javascript write some garbage to some hidden directory, and you have
malware. Bazinga.
It's not like UNIX or IBM big iron never had a worm or virus. They just
weren't trying to hide at the time. I daresay if something like the Morris
worm got a toe-hold nowadays, it would be some time before someone noticed it.
> You should
> not be able to access other users' data without permission, and especially
> you shouldn't be able to access the superusers' data without permission.
> This causes security to be built into the system from the ground up.
But this has been the case with NT forever, and since XP, people haven't
been running superuser. The problem is that people bitch about the security,
complain they can't set the clock without typing a password, etc.
> The DOS/Windows design always took basically the exact opposite approach:
> Whatever the user wants to run or do, the OS allows.
That's kind of what happens when you don't have virtual memory mapping.
> This made the spreading of viruses and malware *trivial*.
It's still pretty trivial, methinks. You don't need to be superuser to
spread the kind of malware that spreads these days. People aren't looking to
take down your machine. They're looking to install a firefox extension that
records your bank logins and posts them to a hacker's web site. No admin
privileges needed for that at all.
> rather than relying on the users;
Nah. It's in three parts: (1) unix was and still is used primarily by people
who understand how computers work at least a little; (2) when people broke
into unix systems, they got 50,000 accounts, so they didn't really need to
propagate as much; and (3) the actual problem with trojans (which is where
most malware comes from these days) was solved before networking was ubiquitous.
For example, that's where the whole "NT3.5 has C2 security" stuff came from:
there was an actual keystroke (C-A-D) that would uninterruptably ensure
you're talking to a specific program, e.g. the login prompt. UNIX had no
such feature - anything the login program could do, so could a user-level
program, except for the actual logging in part. It's why "." isn't in the
path by default on UNIX (any more). There are, basically, 101 fixes in UNIX
for security that was broken in spite of being multi-user. It's just that
UNIX is old enough and had multi-user *early* enough that *those* kind of
fixes got put in place before networking was common. Otherwise, I suspect
you'd see way more worms and such in UNIX, for the same reason that even now
XP and Vista and etc have more malware for them than UNIX does.
> in the single-user OS's it requires a very significantly more radical
> change in design than just fixing a few bugs).
Sure, but Windows hasn't been single-user for 10+ years.
--
Darren New, San Diego CA, USA (PST)
Serving Suggestion:
"Don't serve this any more. It's awful."
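The "." in PATH point in the post above, shown as an added example that is not part of the original thread: a user-level file named `ls`, dropped in a directory the victim will `cd` into, runs in place of the real command whenever "." comes first in PATH, and is ignored once PATH holds only absolute directories. The temp directory stands in for any untrusted location (a shared /tmp, an unpacked archive); the file names and PATH strings are the example's own assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: why "." in PATH is unsafe.
# An impostor "ls" is planted in a constructed directory; with "." at the
# front of PATH the shell executes it, with an absolute-only PATH it doesn't.
set -eu

# Build the constructed trap directory holding an impostor ls.
# (Assumption: a mktemp dir stands in for /tmp, a shared project dir,
# or an archive someone else unpacked for you.)
make_trap_dir() {
    dir=$(mktemp -d)
    cat > "$dir/ls" <<'EOF'
#!/bin/sh
# Impostor: a real trojan would do its work and then exec the real ls so
# the victim notices nothing. This one just announces itself.
echo IMPOSTOR
EOF
    chmod 755 "$dir/ls"
    printf '%s\n' "$dir"
}

# Run "ls" from inside $1 under PATH=$2 in a fresh shell (so no command
# hash cached by this shell gets in the way) and print its first line.
run_ls_with_path() {
    dir=$1; path=$2
    ( cd "$dir" && PATH="$path" sh -c 'ls' ) | head -n 1
}

# Which file would the shell resolve "ls" to under PATH=$2, from inside $1?
resolve_ls_with_path() {
    dir=$1; path=$2
    ( cd "$dir" && PATH="$path" sh -c 'command -v ls' )
}

# Outcome for the caller: "impostor" if the planted file ran, else "real".
classify() {
    dir=$1; path=$2
    if [ "$(run_ls_with_path "$dir" "$path")" = IMPOSTOR ]; then
        echo impostor
    else
        echo real
    fi
}

TRAP_DIR=$(make_trap_dir)
trap 'rm -rf "$TRAP_DIR"' EXIT

# "." first: the victim's own lookup order hands control to the planted file.
echo "PATH=.:/usr/bin:/bin -> $(resolve_ls_with_path "$TRAP_DIR" .:/usr/bin:/bin) ($(classify "$TRAP_DIR" .:/usr/bin:/bin))"
# Absolute-only PATH, as UNIX ships it today: the planted file is never consulted.
echo "PATH=/usr/bin:/bin   -> $(resolve_ls_with_path "$TRAP_DIR" /usr/bin:/bin) ($(classify "$TRAP_DIR" /usr/bin:/bin))"
```

The same trick works with "." anywhere in PATH for any command name the victim types that is not found earlier in the search order (a typo such as `sl`, or a command missing on that box), which is why the fix was to drop "." entirely rather than move it to the end.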