back to windows (for now) part deux


It's now about 6 hours or so since I began the reinstall. Seeing the install/update/patch process all at once is quite an experience. I've spent now close to two hours downloading updates and patches (at 50 KBytes/sec!). First, there was a batch of about five "critical" updates (10 MB). Warning! Your PC may do bad things if you don't install it! and so on. Then Windows Update suggested Service Pack 4. 50 MB. Right after SP4 installed, another check (this time thinking that was it), and now there were twenty (TWENTY!) Critical-install-this-right-now-or-it's-the-end-of-the-world-as-you-know-it patches. Another 50 MB. Plus, I'm not even done with the "recommended" patches (rather than those that are "critical"), which also fix problems for various calamities that might visit you or your loved ones if you don't apply them.

Can anyone in their right mind think that this is normal? We have gotten used to this whole patching idea, but it's ludicrous. By now, every security warning, every patch, elicits an "oh, another one of those...". Mind you, lots of those patches are not just security problems; many are bugfixes that apparently have various disastrous consequences under different circumstances.

Windows is not going away. Would it be much to ask of Microsoft that instead of drooling all over XAML or whatever new thing they are planning to conquer the world with, they would put their considerable resources and smarts to find a solution? You know, I think that Longhorn would be fantastic if instead of all the thingamagic promiseware that it will supposedly have, it was simply Windows XP (or even 2000) and it just worked. Who cares about 3D icons if I'll probably need to find a new "3D Icon critical patch" every fifteen seconds?

Sorry, I know that this has been discussed to death, everyone knows this, Microsoft knows this... but the experience of seeing this whole process in the space of a couple of hours has activated my gripe-cells. We now return to our original programming.

Categories: soft.dev
Posted by diego on November 18 2003 at 4:13 PM
Comments (please see the comments & trackback policy).

... and the funny part is that some people actually feel good and smart because they apply these patches in a timely manner :-)

Posted by: Bruno at November 18, 2003 5:04 PM

Once again, MS wouldn't even have to invent a new solution to their security mess. They could just apply a very good known solution: start using capability-based security instead of their current security (or lack thereof) which is based on ACLs.

Bye-bye viruses, bye-bye firewall-problems, bye-bye critical security holes..

Posted by: Marcus Sundman at November 18, 2003 5:46 PM

BTW, if this was on a DSL line rather than a firewalled network, have you checked to make sure your machine wasn't infected while it was downloading all those patches?

I've heard of this happening during Windows reinstalls on several occasions recently (via UNIXish people doing the "neighbourhood sysadmin" thing, of course ;).

Posted by: Justin at November 18, 2003 6:51 PM

I know the feeling. After I had to reinstall XP in my ThinkPad for the third time in 14 months (the last time over a dial-up connection in Spain!!!) I just went to the Apple Store in NY, bought a PowerBook and moved my critical data to it. Even though OS X is not perfect, it works much better for me than the alternatives.
Regards.

Posted by: Oswaldo Alves Viegas at November 18, 2003 7:51 PM

I'm a very happy user of VMware, which enables me to boot up multiple Windows installations in a separate virtual machine under Linux. I can very much recommend it.

On a related note, I'll be switching to a Mac soon, too ;-)

Posted by: Stefan Tilkov at November 18, 2003 10:34 PM

Marcus, I think the problem goes deeper. A buffer overflow breaks any security mechanism, no matter what. However, you're absolutely right that it's high time (as you've also said before) they try different approaches.

Justin, yes, everything's firewalled by an external firewall. I'm paranoid enough for the whole building about those things. :)

Oswaldo: believe me, I'll switch over to Mac the second that's feasible for me :)

And, finally, Stefan, VMWare is indeed an excellent product. But realistically I can't run it on my laptop--too slow. Much less do development on a VMWare window running Linux. Using it for testing, however, would be ok, if I had enough disk space...

Posted by: Diego at November 19, 2003 12:51 AM

> I think the problem goes deeper

I don't think so. I am quite sure the main problem lies exactly in ACLs, which require people to be infallible, which they aren't. Capability-based security is orders of magnitude more tolerant of bugs, and a misbehaving application is able to cause only much less damage.

> A buffer overflow breaks any security mechanism

Very true, but there are several differences. One lies in how easy it is to cause damage using a buffer overflow vulnerability. Another big difference is that with your program so very "compartmentalized" it is actually orders of magnitude easier to ensure that the critical parts don't contain such bugs.

Let me quote Jonathan S. Shapiro (author of e.g. EROS (The Extremely Reliable Operating System)):
"Capabilities do not impede penetration attacks at the first stage. A buffer overrun vulnerability remains a buffer overrun vulnerability. Capabilities help when the attacker gets to the next stage: trying to propagate the attack deeper into your system. The benefit is that attacking a single process doesn't gain me broad access from which to expand my control -- it only gives me the access that the single immediate victim had, which is generally narrow and highly restricted."

Posted by: Marcus Sundman at November 19, 2003 2:18 AM
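
The containment argument in the last comment, as an added example that is not part of the original post or thread: a constructed Python model comparing what becomes reachable when one process is taken over under an identity-based (ACL) check versus a capability model. The process names, resources and the `ACL`, `PROCESS_USER`, `HELD` and `EXPOSES` tables are hypothetical.

```python
"""Constructed model: blast radius after a single process is compromised."""

# Constructed sample system: resource -> users allowed by its ACL.
ACL = {
    "inbox": {"alice"},
    "address_book": {"alice"},
    "documents": {"alice"},
    "ssh_keys": {"alice"},
    "system_config": {"root"},
}

# Under ACLs every process a user starts runs with that user's identity.
PROCESS_USER = {"mail_viewer": "alice", "editor": "alice"}

# Capability model: each process holds only the references it was handed.
HELD = {"mail_viewer": {"inbox"}, "editor": {"documents"}}

# A held capability may itself hand out further ones (e.g. a folder's files).
EXPOSES = {"inbox": {"attachment_tmp"}, "documents": set()}


def acl_blast_radius(process):
    """The ACL check sees only the user identity, so a taken-over process
    reaches every resource that user is listed on."""
    user = PROCESS_USER[process]
    return {res for res, users in ACL.items() if user in users}


def capability_blast_radius(process):
    """A taken-over process reaches the transitive closure of the
    capabilities it holds; it cannot name anything it has no reference to."""
    reached, frontier = set(), list(HELD[process])
    while frontier:
        cap = frontier.pop()
        if cap not in reached:
            reached.add(cap)
            frontier.extend(EXPOSES.get(cap, ()))
    return reached


def report(process):
    """Side-by-side view of both models for one compromised process."""
    return {"acl": sorted(acl_blast_radius(process)),
            "capability": sorted(capability_blast_radius(process))}


if __name__ == "__main__":
    for proc in PROCESS_USER:
        print(proc, report(proc))
```

The initial bug is the same in both models; only the set of resources reachable afterwards differs.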

Copyright © Diego Doval 2002-2007.