Lock Your Doors & Secure Your Windows
This is a quick intro to a subject which I have dealt with professionally for a number of years and which is subject to rumours, myths & misinformation - IT security.
As is my wont, I have focused on the most commonplace OS - Windows - although some of what I shall cover is also applicable in general terms.
I shall begin by setting the scene and giving a background on "how things used to be" to illustrate how differently we use computers today.
A Brief History Of Time
Before the Internet really took a hold and became a daily presence in companies and households, there was little focus on security for anyone other than banks taking care of their "core systems".
People had become used to the concept that computer networks and high speed interconnectivity were for universities, and their home computers were inviolate and entirely self-contained with a specific set of functions.
Software packages were purchased to perform specific, rigid tasks and new features implied upgrades - "patches" were not commonplace.
This may lead to the assertion that software written today is not as well written or tested, but the reality is that neither the OS nor the applications had a fraction of the capabilities that they have (and are expected to have) now.
Viruses were not rampant because if they had a destructive payload they invariably wiped themselves out along with the data, and they most commonly got transferred via floppy disks (people swapping freeware, shareware or pirated software).
So what changed?
When Windows 95 arrived it was obvious it was a huge improvement over "Windows For Workgroups 3.11" (WFW), not only in terms of the user interface (the right mouse button actually DOES something??) but also because it introduced concepts such as the registry and plug & play (PnP).
Windows 95 improved upon WFW by also having much better networking and internetworking support - now it was possible for users to buy modems, sign up with an Internet Service Provider (ISP) and pay through the nose for per-minute Internet access in addition to their subscription fees.
The days of free CDs offering Internet connectivity software mounted on magazines had arrived (thanks to AOL we had a never-ending supply of coasters, frisbees and things to melt for fun).
Where previously we would use our standalone computers to do word processing, put our finances into spreadsheets, write programs or play single-player games, now we had the ability to connect with millions of computers around the world and enjoy pornography in every language.
If Windows found a networking device then it would bind TCP/IP and file & printer sharing to it so that everyone in your "workgroup" could share files easily - very convenient.
Life was good, the era of the "dot com" was upon us and the future was looking just peachy.
But the convenience of home computing came with its risks - any user of a Windows machine was "God", and any process which launched was able to achieve anything the user could (and I am talking about permission rather than skill).
The Times, They Are A-Changin'
The "9x" family of Windows still lacks 3 major things:
- users and privileges
- a file system which allows for privacy and security of its contents
- a protected kernel
Fundamentally this branch of Windows was really a 32-bit shell on top of 16-bit DOS rather than an operating system in its own right (rename win.com and booting the machine drops you at a command prompt, and "ver" reports MS-DOS v7.x).
This means it was subject to the stability of the underlying 16-bit OS and its legacy drivers.
If the machine booted up you were left at the desktop without any request to log on and with full access to every file on the system, and every application you ran had access to all memory areas so a program could easily "bluescreen" the system.
Convenient, simple, but far from secure or allowing for privacy.
I mentioned briefly before the automatic binding of "File and Printer Sharing for Microsoft Networks" to all networking interfaces, including modems.
This convenience was very useful for local networking - as there was no concept of "users", everyone had the same level of permission.
Unfortunately it also meant that anyone who could find your public IP address when you were connected to the Internet could also connect to any of the shared resources too, including some "administrative" ones built into the system.
My introduction to computer security started with my discovery of the "File and Printer Sharing" issue - luckily it was a friend who demonstrated its exposure to me by creating a folder on my desktop when we were chatting in IRC.
While unbinding the service from dial-up adapters was trivially achieved, how many people knew that it needed doing, or how to do it?
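The same per-adapter binding still exists on current Windows, so the check described above can be scripted. This is an added example, not part of the original article: it assumes Windows 8 / Server 2012 or later (where the NetAdapter and NetConnection cmdlets exist), and the function name Get-SharingExposure is hypothetical.

```powershell
# Added example: list every adapter with "File and Printer Sharing for
# Microsoft Networks" (component ID ms_server) and flag bindings on
# interfaces that are not on a Private or domain network.
function Get-SharingExposure {
    # Map interface alias -> network category (Public / Private / DomainAuthenticated).
    $profiles = @{}
    foreach ($p in Get-NetConnectionProfile -ErrorAction SilentlyContinue) {
        $profiles[$p.InterfaceAlias] = "$($p.NetworkCategory)"
    }

    Get-NetAdapterBinding -ComponentID ms_server | ForEach-Object {
        # Adapters with no active connection have no profile; they are
        # reported as 'NoProfile' and still flagged if the binding is on.
        $category = if ($profiles.ContainsKey($_.Name)) { $profiles[$_.Name] } else { 'NoProfile' }
        $trusted  = $category -in @('Private', 'DomainAuthenticated')

        [pscustomobject]@{
            Adapter  = $_.Name
            Bound    = $_.Enabled
            Category = $category
            Review   = ($_.Enabled -and -not $trusted)
        }
    }
}

Get-SharingExposure | Sort-Object Review -Descending | Format-Table -AutoSize
```

For an adapter flagged with Review = True, the binding can be removed from an elevated prompt with `Disable-NetAdapterBinding -Name <adapter> -ComponentID ms_server`.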
Experience Is Something You Get Just After You Need It
The Internet was to provide the solution to faulty design implementations and buggy code at the same time as creating the risks these things presented.
"Patches" and "service packs" have been used for years in corporate environments - Windows NT 4.0 is now out of its support lifecycle but it peaked at "Service Pack 6a", and anything less than this service pack level is considered unstable.
A service pack is, for the most part, simply a collection of patches bundled into a single deployment - though sometimes service packs can also introduce new features.
A patch, in reference to Windows, is not actually a fix that needs applying to a file, but it is a replacement for the entire file - you install the "patched version" of 1 or more files.
All operating systems are patched frequently; this is not something exclusive to Windows.
"Windows Update" was introduced to take the responsibility away from the user to seek out patches that they need to apply by reading magazines, web pages or KB articles.