
Consumer grade *nix: powder keg

Desktop time-bomb


Is "Ship it then fix it" a good business model? It is likely an approach to get a product to market early, or perhaps more honestly, to market on time. But after an experience I had on the weekend, I wonder about the sense of this approach and worry that the push to get Linux and Unix adopted on the desktop, through low cost outlets such as Wal-Mart, will depend on this strategy. The consequence will be a rash of viruses written for these platforms, and the reputation of Unix and Linux will take an equivalent hit.

I was helping a friend on the west coast set up a wireless network covering his property. Instead of the usual selection of computer stores to make our purchases, we had to make do with the computer department of a large drug store. When purchasing the wireless access point and border router, I discovered a device that advertised itself as filling both roles. Once I had hooked up the router I had enormous problems connecting to and maintaining a connection to the broadband network.

My first response was to blame the cable company (always a good first response in my experience), but after fearing the fight required to get through to their help desk, I decided to eliminate all other possibilities first and upgraded the router with new firmware. Unsurprisingly, this fixed the problem the router previously had in maintaining the connection, as well as a few other small annoyances in the interface.

The next day, back in the computer department of the drugstore, I planned to exchange an older card we had grabbed by mistake. I casually mentioned to the manager of the computer department the router's problem and the fix. I also suggested that if others come in reporting this issue he might suggest upgrading the firmware. He glanced at me, and said that he did get about 50 per cent of the routers returned because they "don't work". How many other people have simply put up with the broken performance and have continued using the product?

Geeks are different than the general populace

This little adventure got me thinking about the "ship it then fix it" nature of computing today. Some of this behavior in the computer business came about because people can't take a "test drive" of their purchase to find out where the bumps are going to be. Another reason is that we techie geeks are an impatient bunch. Raise your hand if you were the first on your block to have an MP3 player. How about the first to have a 100+GB hard drive, or a wireless network? With impatient people who will forgive a few technical glitches, being at the front of the line, even if you're there with a broken leg, is best. We geeks who buy the latest and greatest will often gleefully trade workarounds, hacks, or other tidbits of information needed to make things work.

Mass marketing software, especially a new product, requires a different approach. Otherwise, the manufacturer risks alienating a large portion of their future customers. This shift in approach is doubly important when we are dealing with security. How many people have a grandma or brother that wouldn't know how, or couldn't be bothered, to download and apply a security patch? After all, everything works fine, doesn't it?

Over the last year, a lot of attention has been paid to the movement of Unix-like systems into the end-user desktop world. There have been startups dedicated to this endeavor (Lindows, renamed Linspire, for example) and recently, one of the Unix big-guns, Sun, entered the end-user market selling their Java Desktop, announcing distribution through Wal-Mart. Most of these endeavors involve Linux, and there are many benefits that are attributed to Unix-like systems to try and entice people to move.

Fanfare of trumpets

One of the benefits often trumpeted by supporters is increased security, and the assurance of this increased security is the availability of the source code. Everyone can see how things work so it's not possible to hide bad software design that would lead to security flaws. "No security in obscurity" is the phrase trumpeted by the supporters. While I won't debate whether obscurity is a good or a bad thing for security (I am a user of open source alternatives when available), this notion that the lack of code obscurity is the reason there is greater security deserves additional thought.

Viruses, generally speaking, are written to target popular systems. If we consider the number of end user systems (popular targets for social engineering viruses), it is likely that a large majority of these systems are running Windows. It seems to me that Unix and Linux users are relying heavily on security through obscurity, in that the number of Linux/Unix systems deployed is not great enough to warrant learning how best to manipulate them. This might be considered obscurity via scarcity, but it still has allowed Linux and Unix advocates to hold up the virus statistics for Windows systems as a reason to switch. What happens when you make Linux less obscure on the radar of the virus writers?

Linux in Wal-Mart - a powder keg?

So what is going to happen when Aunt Tilley goes to Wal-Mart, buys a cheap PC running Linux, gets it home and plugs it in? One of the few ways that a company selling open-source software can make money is to charge for the automated, timely distribution of patches. Aunt Tilley is forced to sign up to this service to receive patches automatically (she may get a year subscription included in the price), but does she see value in it? This problem is, in my view, compounded by the fact that many open source projects seem to live by the mantra "Release Early, Release Often". How many software projects are adequately tested in this release methodology? This sure sounds like a "Ship it now, fix it later" approach. What happens when someone doesn't realize they are running a broken version?

Solution

Here are a few of my ideas for how this can be fixed.

  1. Ship with all services turned off. If a service is being turned on, check when the last update was done; if it was too long ago, prompt the user to confirm, telling them they may be running an insecure service.
  2. Allow users to manually download updates without charge. Charge for auto-updates.
  3. Don't let users run as a privileged user every day, and if they do, pop up warnings.
  4. Find some visual way to identify scripts or binaries not installed by the root/privileged account.

The last idea is to try and limit the ability of viruses to socially engineer themselves as images or other attachments. I believe that one of the reasons why Windows mass mailer viruses are so prevalent is the "attachment hiding" that makes it hard for a user to make an informed decision.
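As an added illustration of idea 4 (this is not code from the article), the sketch below walks a directory and reports files that are runnable, by execute bit or by ELF/`#!` header, but not owned by a trusted account, marking those whose name suggests inert data such as an image or document. The function names, the extension list and the sample files are assumptions constructed for the example; uid 0 stands in for the root/privileged account.

```python
import os
import stat
import tempfile

EXEC_MAGIC = (b"\x7fELF", b"#!")   # ELF binary or interpreter script
DATA_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".txt", ".pdf"}  # assumed "inert" names

def classify(path, trusted_uids=frozenset({0})):
    """Describe a runnable file not owned by a trusted account, else None."""
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode) or st.st_uid in trusted_uids:
        return None
    try:
        with open(path, "rb") as fh:
            head = fh.read(4)
    except OSError:
        head = b""                  # unreadable: fall back to the mode bits
    exec_bit = bool(st.st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))
    exec_magic = head.startswith(EXEC_MAGIC)
    if not (exec_bit or exec_magic):
        return None
    ext = os.path.splitext(path)[1].lower()
    return {"name": os.path.basename(path), "owner_uid": st.st_uid,
            "exec_bit": exec_bit, "exec_magic": exec_magic,
            "disguised": ext in DATA_EXTS}  # runnable content behind a data name

def scan(root, trusted_uids=frozenset({0})):
    """Walk root and return findings, sorted by name within each directory."""
    hits = (classify(os.path.join(d, n), trusted_uids)
            for d, _dirs, files in os.walk(root) for n in sorted(files))
    return [h for h in hits if h]

def build_sample_tree(root):
    """Constructed sample files: a real image header, a script named .pdf, a tool."""
    samples = {"holiday.jpg": (b"\xff\xd8\xff\xe0JFIF", 0o644),
               "invoice.pdf": (b"#!/bin/sh\necho hi\n", 0o755),
               "backup-tool": (b"\x7fELF\x02\x01\x01", 0o755)}
    for name, (data, mode) in samples.items():
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        build_sample_tree(d)
        for finding in scan(d, trusted_uids=frozenset()):  # demo: trust no owner
            print(finding)
```

A file manager could use the `disguised` flag to draw the kind of visual marker the list item asks for, instead of hiding the mismatch between a file's name and its content.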

Not making an attempt to make things better will likely result in the powder keg exploding.

Copyright © 2004

Daniel Hanson manages the Focus Incidents area of SecurityFocus as well as the Incidents mailing list.
