Home » Learning Curve » Red Hat Diaries
The Day the Earth Stood StillI'm impatient with stupidity. My people have learned to live without it.
- Klaatu
It's hard to not get swept up by the hysteria surrounding the Catch-22 release of Windows 7. It's not hard to not get sold by it - buying into that idea is like visiting a hooker who admits having contracted AIDS but insists she's been cured. But it's hard to not get annoyed and even depressed by the whole thing. Human beings are blessed with brains, wrote Dali Rău, but they totally lack the ability to use them.
One might well have missed the hysteria if one didn't hang out at all the Windows fansites. And why would one do that? Microsoft burned their bridges years ago. With the DOJ trial, with the mind-boggling succession of global disasters their software caused, with the recognition that today almost all malware emanates from Windows computers under hacker control. Get rid of Windows and you get rid of cybercrime. It's that easy and the intelligent people online have always understood this.
All the while the ordinary punters go about their lives, blissfully unaware of what's going on around them. Drive to work, log on and visit their social sites, drive to their KFCs and Ruby Tuesdays, drive home and turn on the boob tube. What happens to them is something they'll never understand. Not because they're incapable of understanding but because they don't care. And they don't have time.
And that's how the predators of this world always succeed in running over them.
Is this Windows 7 going to be secure? Is this something a rational human being can possibly consider? After ten years of the most brutal humiliation at the hands of hackers? Does anyone remember how this whole thing started?
It actually started more than ten years ago. It started when Microsoft got a runaway success out of Windows 3.1 in 1992 and achieved market hegemony (and Bill began counting his billions). The number of software titles generated for Windows between that spring release and 24 August 1995 when Windows 95 hit the market was astronomical. Everybody was running Windows.
But Tim Berners-Lee happened in those years and so did his WorldWideWeb, and Microsoft's Windows wasn't ready for them. Their DEC boy Dave Cutler finally released his Windows NT, a rewrite of the older, totally bulletproof VMS, but with significant concessions to legacy Windows architecture, and academia and science began a short flirtation with Microsoft. Windows PCs were cheaper than Sun workstations and with ODBC they could still hook up to their Unix databases. (1993 was when the demise of Sun Microsystems began.)
But the honeymoon with academia and science didn't last long. These intelligent people quickly understood the ridiculous shortcomings of Windows and knew they couldn't maintain secure networks with that excuse for technology. They moved back to Unix - and now to Linux - where they remain to this day.
The world was obsessed with the threat of the Y2K bug - a matter of allocating only two bytes for year values in 'WORKING STORAGE' in dusty deck COBOL programs - and when the New Millennium came and went and everything turned out OK, people relaxed. But not for long.
By May 2000 the fun had begun for real. Earlier worm and virus attacks - and Microsoft have always been unable to excuse the fact their program files have been so susceptible to viruses - had mostly been pranks. They caused a lot of damage and that damage was all Microsoft's fault but no one paid it much attention. It was first when the cataclysmic 'ILOVEYOU' Love Bug hit that people - at least some people - began to take notice.
In the space of a few days the Love Bug crippled networks worldwide to the tune of $5.5 billion in damages. And it was all a prank. It was based on a known trojan and its purpose was to give unfortunate people in the Philippines access to an Internet they could not yet afford. There were rumours of a love triangle at the 'Anaconda' university outside Manila; suddenly the author of the trojan got hit by his own medicine. And went underground.
All around the world the news media kept a lid on the details - a combination of a number of elements of poor security design on the part of Microsoft. Microsoft representatives around the world did their best to keep the details hidden from the public. The BBC said nothing for over 48 hours - and were taken to task for it. The same happened in other countries. But at last the news came out - and the blame was planted firmly at the feet of Microsoft.
And yet the Love Bug was not an attempt to make gigantic sums of money. No money was involved at all. The idea one could exploit Windows for financial gain had hardly been born.
All through the summer and autumn of 2000 the copycat worms hit Windows and the Internet. One of the more famous was AnnaK. The whole idea was to use social engineering to get the inept user to click a disguised link in an email message. AnnaK promised nude pictures of the famous tennis star Anna Kournikova.
Other worms were created by concerned individuals in academia who were shocked to see corporations and administrators not heed the warnings of the Love Bug. They created followups in an attempt to get these people to wake up. They failed.
And if that wasn't bad enough, Code Red was around the corner. ILOVEYOU required interaction by a dimwit user; Code Red required nothing of the kind. All you had to do was turn on your Windows 2000 computer and you were toast - and suddenly a zombie scanning IP ranges left and right, trying to make toast out of other Windows machines. The level - the intensity - of malware IP scans became sickening.
Spam wasn't as much of an issue back then. Early spammers had taken advantage of unskilled network administrators, pushing through their SMTP servers. Huge spamming organisations set up gigantic machine parks to scan the Internet for 'open proxy' servers. That was soon a thing of the past.
The great revelation to organised crime was that all the evils of the Internet could be combined into a single payload: poison letters. Email messages laden with trojan and worm code. Infect and corrupt the host machine and then use that host machine to automatically corrupt others.
The sophistication of these attacks got all the more impressive. They would automatically clone themselves when 'touching down' and keep a close eye on each other. Only if the user could successfully locate all the clones and eliminate them all at once was there a chance the machine could be freed. But this process soon became too lugubrious. Administrators quickly developed a policy of simply 'trashing' infected Windows PCs and issuing new ones instead.
And through all this time the hooker known as Microsoft did nothing. The smart people of course migrated to other platforms. They had to choose between vanilla systems or Apple's space age OS X with its Objective-C NeXTSTEP classes. Those who did get out naturally paid the woebegone Microsoft market very little heed - they were damned glad to finally be rid of the shit.
But here's the interesting thing: people never ever do the research. Sheryl Crow has been nagging people for some time to think for themselves - but do they? Don't ever count on it. There are well paid executives out there today who seriously don't see what a big deal it is if their computers are botnet zombies. They don't want to talk about it and they don't care. That's what the world is up against.
Things only got consecutively worse on Windows. Geometrically worse. No industry ever known to man has had such a scandalous period as computing with Microsoft at the helm. None. The meat packing industry? Horrible to be sure but not close. The automotive industry? No way. No industry can match the scandal of the past ten years in computing - and all thanks to Microsoft.
One remembers as well how Bill Gates apologised to the world at large over seven years ago now. And one remembers that nothing has happened in all this time to lead anyone to suspect Bill Gates actually meant what he said. For nothing's improved.
Vista actually proved once and for all that Windows can't be saved. This joke of 'cancel or allow' showed how bad it really was: Windows cannot prevent disasters - it can only tell you after the fact the disaster's already occurred. It's totally incapable of defending itself, of stopping the intruders from getting in and taking over the system. It can't do any better because it's still based on ideas predating the Internet, in an age when nobody wanted a real operating system anyway - just a few lines of code to spin the disks.
Windows became unusable under Vista. There was a lot more - the DRM factor being one of the most painful - but essentially Windows became unusable because it still couldn't protect itself and vaingloriously made working on it ridiculously impossible. LUAs and cancel/allow? LUAs don't help anybody. People need a secure operating system, not Microsoft's patty-cake nonsense.
The biggest objection heard from Microsoft users has been that Vista was unusable - not that it was insecure. Windows users don't know the meaning of security. They've never experienced using a computer where security wasn't a constant worry. They simply don't know.
Windows users really believe the Internet itself is evil when it's nothing of the sort. It's Microsoft Windows that's evil. It's Microsoft Windows that lets in all the bad guys. It's Microsoft who have petitioned Internet backbone providers to protect Windows PCs they themselves are incapable of protecting. And your average punter user doesn't hear it, doesn't want to know it, doesn't give a shit. And most importantly: goes out and buys Windows again.
Microsoft Corporation peaked fifteen years ago. They've been slip-sliding away ever since. The end may be prolonged but it's inevitable. They're 'last generation' and they will never ever get it.
Windows 7 is a pig with layers of lipstick, foundation, hairspray, and cheap perfume. It's not going to be any more secure than any other version of Windows. Easier to use? Yes - and Microsoft are counting on selling Windows on this point alone. They've had a rather lacklustre copy of Apple's NeXTSTEP/PDF technology since the days of Vista. It's not particularly well designed; it's even more poorly implemented; but it at least gives the luser a glimpse of how good life can be outside the Bill Gates Corral.
And without all the cancel/allow prompts, Windows will be easier to use. But the question becomes: how secure will it be with all the prompts gone?
Windows (l)users count on needing antivirus and anti-this and anti-that. They've never seen a life without that crap. They simply don't understand security. They will put up with the attacks and system compromises because they're brainwashed into believing things have to be this way. They will also accept the all too frequent system crashes and other stupid anomalies for the same reason.
Windows 7 is Windows XP with the Windows Vista cosmetics. Windows XP was a laugh at being secure, so was Vista, and Windows Se7en will be no better.
And yet here we are, the innocent bystanders, watching as these morons continue to ruin our Internet, with no sign or promise they'll ever earn a clue.
But here's a clue for them all. Cybercrime will continue to grow. Identity theft will reach new heights. 95% or more of all Windows PCs will be infected with 20-30 malware strains each. Billions upon billions of dollars will be diverted from their rightful owners to criminal elements who would never have a chance without a crappy system like Windows 7 to exploit.
And that's the world these people so generously offer us. A world where an estimated 97% of all email traffic is junk generated by infected Windows PCs. Ponder that for a moment and then ask yourself if you too don't feel your Windows luser neighbour owes you an apology.
|