Curated by: Luigi Canali De Rossi

Saturday, January 7, 2006

PC Security: The Virus Is In The Blood


There is news you can hardly find in your daily paper or even on the Internet: a discussion of exactly why viruses and worms can infect your computer, how much this is hurting business and personal productivity, and what should be done differently so that we can continue to compute on our desktops without this scourge.

Photo credit: Carsten Reisinger

The latest threat, and it could be a biggie, is in this article: Windows PCs Face 'Huge' Virus Threat, on the Financial Times website. Now any picture can be a "dirty picture", or actually a dirty bomb, dropping a virus into your computer if you just look at it.

This has really gone too far. The general assumption is that it has to be this way, that we are being victimized by all those criminals or evil people out there (many of whom may be children!). We need to search more deeply for the source of this plague, both within ourselves and within our computers.


We need to search within ourselves because the problem has been allowed to continue too long, and within our computers, because that's where the primal fault lies: the architecture that allows a child in Asia to plant a program in your computer that you don't want there and you don't control.

Imagine for a moment that you lived on another planet.

Your PC could not ever be infected by viruses, worms or trojans. Your mom, uncle, or grandmother could simply buy one at the MarsUSA store, take it home, send you some interplanetary email, check the weather back on Earth, and enjoy some classical Mars music.

Well, your granny on Earth could do the same, except that Microsoft/Intel are not bringing her the technology that we've had on this planet since the mid 1980s. In those days, time-sharing computers ran 600 or more simultaneous users.

Of course Ford could never access data in the space used by General Motors or Chrysler. If that could happen, even once, the time-sharing vendor would be out of business.

They prospered because they used hardware and software that made sure a program could only run in its own space.

Ask yourself, Earthling, why is it that some code arriving in your computer has complete access to memory and your hard disks?

That is, any code, whether a valid program, malware, or a programming mistake, can read or write anywhere it likes.

It can write into your Windows/system directories, and, get this, it can read your Outlook address book!

Now go back to the time-sharing computer technology.

Any program that tries to access memory outside of its space, or read or write hard disk it has no permission to access, will either get an error message or be booted out completely.

If this architecture were used on the PC (which still resembles most closely the original single-user IBM PC of yore), a virus arriving in your computer might be able to run, but it couldn't do anything to you.

Maybe it could compute pi to a thousand digits, but that's about it.

On the mainframes, writing to disk looks something like this (for GE/Honeywell/NEC computers):

  • The program lays out its data in a buffer space it has previously requested.
  • It then does a MME (Master Mode Entry, pronounced "mee-mee") with stuff in the registers indicating that it wants to write that data somewhere.
  • If it's o.k. to do that, the operating system takes the data and writes it.

The program cannot actually write anything; there's no instruction it can execute to write. It doesn't matter what a kiddie in Korea knows; there is just no way to write outside the allowed space.

And the same for reading or writing to memory.

This is actually very simple. And of course, no mere program may write anything it wants into the system area.
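The write path described above, reduced to a toy model in C. This is an added example, not code from the article or from any GE/Honeywell/NEC system, and every name in it (`mme_write`, the Ford and GM extents, the status codes) is hypothetical. The program only fills in a request; the supervisor routine is the sole code that copies to disk, and it does so only after checking both the source buffer and the destination against what the program was granted.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy model; every name here is hypothetical, not GE/Honeywell/NEC code. */
enum { MME_OK = 0, MME_BAD_BUFFER = -1, MME_NO_PERMISSION = -2 };

struct region  { size_t base, len; };          /* covers [base, base+len)  */
struct program { struct region mem, disk; };   /* what the OS granted it   */
struct request { size_t buf, len, disk_off; }; /* the "stuff in registers" */
static struct { unsigned char mem[128], disk[128]; } M;

/* Constructed tenants: disk 64..127 is the system area, granted to no one. */
static const struct program FORD = { {0, 64},  {0, 32}  };
static const struct program GM   = { {64, 64}, {32, 32} };

/* Overflow-safe test that [start, start+len) lies wholly inside r. */
static int inside(struct region r, size_t start, size_t len) {
    return start >= r.base && len <= r.len && start - r.base <= r.len - len;
}

/* Supervisor side of the MME: the only code that ever touches M.disk. */
int mme_write(const struct program *p, struct request rq) {
    if (!inside(p->mem, rq.buf, rq.len))       return MME_BAD_BUFFER;
    if (!inside(p->disk, rq.disk_off, rq.len)) return MME_NO_PERMISSION;
    memcpy(M.disk + rq.disk_off, M.mem + rq.buf, rq.len);
    return MME_OK;
}

/* Reset the machine, then issue one write request on Ford's behalf. */
int ford_writes(size_t buf, size_t len, size_t disk_off) {
    struct request rq = { buf, len, disk_off };
    memset(&M, 0, sizeof M);
    memset(M.mem + FORD.mem.base, 'F', FORD.mem.len);
    memset(M.disk + GM.disk.base, 'G', GM.disk.len);
    return mme_write(&FORD, rq);
}

/* 1 if every byte of GM's disk extent still holds its original 'G'. */
int gm_disk_intact(void) {
    for (size_t i = 0; i < GM.disk.len; i++)
        if (M.disk[GM.disk.base + i] != 'G') return 0;
    return 1;
}

int main(void) {
    printf("%d %d %d\n", ford_writes(0, 16, 0), ford_writes(0, 16, 32), ford_writes(64, 16, 0));
    return 0;
}
```

The three calls in `main` are Ford writing to its own extent, to GM's extent, and from GM's memory; only the first is carried out.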

In your PC, anything goes, and as time passes, the Windows system area gets filled up with all kinds of stuff that Microsoft had nothing to do with putting there.

No program should have access to the operating system area at all; it should remain as pure as the day it was installed. Imagine that. And if it needed replacing, it would just ask all running programs to hold on a microsec or two, replace itself with the new version, and off we go.

Well, will we have to throw away all our Windows apps to evolve to this kind of a system?

If so, I'd do so happily.

But with processor speeds so high these days, current apps can probably run in an emulator. Maybe Windows as we know it could just be an app under the new OS.

The virus-writers are getting increasingly clever as Windows is getting dumber, with new holes opening up regularly.

Now you can get a virus by viewing an image. That's crazy.

If business did put Microsoft/Intel on notice, they would get results.

How long will we continue to take this?

It's a tremendous drain on business and individual productivity.

Why don't we use the technology that's available and end this plague of viruses?

That's the story you never see discussed.

original article entitled:
"Windows PCs face 'huge' virus threat" -- but why do we put up with this?
published by Larry Geller on January 3rd 2006

Larry Geller -
Reference: Disappeared News
Readers' Comments    
2006-01-11 16:18:19


Excellent analysis of the real problem! If I had to guess where the architectural fault really lies, I believe it is with Microsoft rather than Intel. Intel processors since the days of the 386 have had a 'protected mode' that allows for two or more 'access levels' to do just exactly what this article describes - control access to memory space. In fact, by default there are two access levels, typically called 'ring 0' and 'ring 3'. Ring 3 is application space where the processor helps keep one program from affecting another. Ring 0 is where the operating system, such as Windows itself, operates and has access to the whole machine. Some level of ring 0 access is needed in order to set up and configure the memory spaces needed for each executing application, but the OS should not be exposing these features through itself or allowing exposure through applications...this is what is happening. Another complication is provided by 'drivers'...these are programs that also operate in the special ring 0 access space...created by hardware vendors to 'help' Windows to understand how to interface to a particular piece of installed hardware. Although I've done some driver and BIOS level development (when I previously worked for Intel) I'm not really an OS architecture expert. But my gut feeling says this is not a problem with the processor/hardware architecture, but with how Windows uses the protection scheme and how much access to ring 0 features it provides to applications, opening up holes that can be exploited. This is probably an example of the classic backward-compatibility...do you fix a problem requiring a complete restructure of basic access within the OS and not break every existing software application? I hope someone figures it out...problems caused by viewing an image are clearly unacceptable.

2006-01-11 14:01:20

John Howard Oxley

I think this hits the nail squarely. The key issue which needs resolution is some demonstration of how much revenue is being lost because home users are being put off from e-commerce.

If an OS rewrite is what it takes, then even the formidable competitive advantage that Microsoft now enjoys could be eroded. The $64M question being: why doesn't Microsoft itself do this now? It could benefit hugely from such an initiative, and secure a long-term future all in one blow. I refuse to believe the company does not have, or cannot hire, the talent necessary to develop/adapt such an OS in the guise of a user-friendly GUI.

Almost un-noticed, the advances in PC hardware capabilities make new architectures feasible in a way they were not even as little as 5 years ago.

It does seem like our PCs are drowning in their own juices, and the "overhead" involved in safe computing is becoming close to insane. Yet because this situation has evolved fairly gradually, we continue to put up with it.

We should stop being so passive and accepting.

2006-01-08 18:55:59

Larry Geller

Computerworld blogger Martin McKeay picked up Robin's post of my article but perhaps misunderstands the principles involved. He says in part:

I want to be able to install the software I need. I want to install the operating system that I find most fun or useful at the moment. I want to have the hardware I need to play the games I want to play. And none of this is possible in a mainframe environment. In a mainframe, it's one size fits all, and if you don't like it, please move on.

He also felt that administrators would have to approve anything he wanted to install. Of course, there's no reason that McKeay would have to give up his games. Secure systems can be just as flexible as he likes. As long as programs don't try to steal his private data, or peek at his emails, there's no reason why he shouldn't continue to use them. In fact, he would be able to enjoy his computing experience even more, knowing that his private data is safe from viruses, worms and trojans.

Most computer pundits cut off debate on this issue. It needs to go on. We're quite possibly in a losing race against the virus writers unless we render their creations harmless.

There's nothing in the architecture that I described that would prevent you from installing your iTunes, Firefox, or any other program you wished.

But don't expect your Firefox, iTunes, or any viruses that arrive in the email to access your Outlook address book or to write things all over your disk. Now, if you want them to have access to your mail, you can do that, but they can't do it by themselves.

It may be hard for those whose only experience is with the Microsoft/Intel architecture to imagine that there could be another approach that would maintain the same flexibility and freedom that they now have. No one is suggesting going back to the giant mainframe dinosaurs, but why continue to suffer when there are alternatives based on solid experience, and yes, common sense, that would change our computers for the better?

Oh... on the time-sharing systems I described, people wrote and ran lots of programs--no administrator had to give approval. Just don't try anything funny, it wouldn't work anyway.

Alternative architectures can also speed up our PCs. Currently they are wasting time checking everything for evilness, and the overhead is only growing. They also pause when accessing devices, a legacy of the old IBM PC architecture. Believe it, you can compute while things happen, jobs can run independently without interruption -- but not on the systems we have. Let's demand better. The technology has been here, but has been ignored.

posted by Matthew Guschwan on Saturday, January 7 2006, updated on Tuesday, May 5 2015
