windows insecure design

Discussion in 'other anti-malware software' started by chrcol, Jun 9, 2016.

  1. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    Has anyone wondered why Windows persists in using binaries to manage other programs?

    The ones I am talking about are svchost.exe and rundll32.exe.

    If we compare to e.g. Linux, the closest thing it has to this system is maybe bash, which is used to launch shell scripts. The difference being, though, that pretty much nothing on the core OS side uses bash, so it's fine to restrict access to it without breaking things. Whereas on Windows it's somewhat more difficult, as parts of the shipped OS rely on these binaries.

    It's a haven for malware to hide behind, so some random malware DLL can make internet requests using rundll32.exe, which appears as a trusted signed Microsoft binary; likewise with svchost.exe.

    One of the members of this forum shows some rogue software using svchost as a shield.
    http://www.youtube.com/watch?v=hfVVitd8xxA

    On linux instead the program itself is what does internet requests and reads/writes to files.

    e.g. instead of svchost handling DNS lookups, Windows updates, file sharing etc., it should be something like winupdate.exe, fileshare.exe and dnsclient.exe.

    Also the same with the %temp% folder: very little Linux software, and I mean very little, needs to run files in %temp% to install and operate, yet it's standard procedure in Windows applications to first copy to that folder and then run from there during the install process, meaning Windows cannot have a default-deny execution policy on the folder in its shipped state. To me it seems madness.

    Thoughts?
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Well, Microsoft didn't develop Windows from scratch. They basically got it for free from Xerox, who didn't know what to do with it since their emphasis was on mainframe solutions in those days of old. They retrofitted that with DOS, which again they got from IBM for next to nothing. My analogy of Windows has always been "a skyscraper built on an insecure foundation." Windows' security issues are due to the fact that only two security levels exist: user and system.

    Linux on the other hand was modeled after Unix. Security was a primary design factor in Unix development as noted by its multiple ring security level design.

    I personally believe that Microsoft's exiting the desktop development might produce a new secure Windows like desktop OS. We have Microsoft to thank for the current state of affairs since their monopolistic practices eliminated any serious competition in the desktop OS market. I say might because the desktop market is dying and the cost of developing a new OS is horrendous. So, the economics here does not favor new desktop OS development. Who knows? Maybe in the not too distant future Microsoft will make desktop Windows open source?
     
  3. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    I use Kubuntu on my sister's PC with no other security software. She is tied to the same router as me. You are right, nowadays with Linux distros it is as easy as using Windows. Most security programs lock the %temp% folder or at least monitor it these days.
     
  4. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    I always thought it was Peter Norton that wrote Gates' first OS and sold it for like 35 grand.
     
  5. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    A blast from the past.

    1977 – Microsoft and Apple Team Up

    Allen rejoined Microsoft in time to christen the company’s new offices in Albuquerque. In early 1977 Microsoft licensed “AppleBASIC” to Apple for the flat fee of $21,000, which turned out to be a steal of a deal, as Apple sold over a million computers with AppleBASIC running the show (Wozniak actually wrote the integer BASIC for the early Apples). By the end of 1979, Microsoft had participated in porting both FORTRAN and COBOL languages to microcomputers, moved to Washington State, entered into agreements with ASCII Corporation of Japan, and expanded into Europe. The two-man operation was now employing 40 people and bringing in over $7 million. Microsoft’s congenial association with Apple continued into the 1980s, with Microsoft bestowing the Z-80 SoftCard upon Apple in 1980. The SoftCard allowed the Apple II to run most of the CP/M programs currently featured on most smaller computers.


    Windows 1.0 made its official debut almost two years after it was announced, in November 1985. Apple was stunned by the similarities between the Mac and Windows interfaces, but as there were almost no applications available for the Windows environment (Aldus’s PageMaker for Windows was a notable exception), Win 1.0 came and went on the consumer market without much fanfare. The failure of Win 1.0 to capture a decent market share, along with plateauing Mac sales, caused some to wonder if the GUI craze was a fad that had peaked. Ironically, in light of the bad blood to come between the two companies, Microsoft’s Excel (a GUI-based spreadsheet that was similar to its predecessor VisiCalc, but easier to use) gave the Mac much-needed viability at this time.

    1979 – Apple Visits PARC

    Jef Raskin, a project manager with Apple, first told Jobs and Wozniak about the research being done at PARC (Xerox). It’s a mistake to envision this scene as taking place in some deserted parking garage, with Raskin hiding in the shadows and doing his best Deep Throat impersonation. A closer scenario is that Raskin wanted to work more directly on a GUI, and dropped a bug in Jobs’ ear about the neato keeno work being done at PARC. Jobs was reluctant to go at first, but eventually Raskin, who wrote his master’s thesis on a WYSIWYG graphical interface back in 1967 and was seeing some of his ideas brought to fruition by the folks in PARC, piqued his interest.


    Ref.: https://www.sitepoint.com/real-history-gui/
    Then came WIN 3.0 and the big Microsoft vs. Apple lawsuit.
     
  6. haakon

    haakon Guest

    No. MS developed it from scratch. Apple/Macintosh has the Xerox connection.

    Yeah. That's it. :rolleyes: I think you're confusing a Nostradamus prediction.

    "Gates' first OS" was MS-DOS, based on 86-DOS, an improved CP/M, and is used in the shells known as Windows 3 to 9x. He ported it as IBM-DOS and sold it to them for a hell of a lot more than that.

    Windows NT, 2000, XP, Vista and 7-10 are rooted in MS engineers' experience with DEC and IBM, influenced by VMS and the POSIX-like OS/2.

    And yeah, chrcol's OP is indeed worthy of considerable inquiry and opinion. Carry on.
     
    Last edited by a moderator: Jun 9, 2016
  7. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
  8. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    shvfi, the targeting point is valid, but Linux has a more secure foundation, e.g. non-root accounts by default and what I already mentioned regarding %temp% and shared binaries.
    Also various Linux distros even ship with SELinux now as well.

    Things like an executable-enabled %temp% seem to be done to accommodate developers rather than end users. svchost and rundll32, I think, are nothing to do with end users; those would seem to be a lack of motivation for Microsoft to make the big changes that are required to drop those systems. Possibly also to accommodate developers using those functions as well. I would suggest the main bad security decision to keep end users happy is not using LUA by default.
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I just wonder why M$ needed to add all these APIs to Windows; they made it too complex, with too many programming options. I believe most of them aren't even used by 90% of all apps, so why give malware the option to do so? It's ridiculous how many attack vectors malware has to even bypass HIPS and firewalls.

    With stuff like code injection, file modification and driver loading, it's far too easy to wreak havoc. Of course, all of these things should be possible in any OS, but they should run with more restrictions and thus fewer options. I do believe that perhaps OS-level virtualization might be a solution for a lot of problems, see link.

    https://www.wilderssecurity.com/thre...-add-containers-to-windows-client-too.382080/
     
  10. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    rubbish

    ofc windows at first sight is an allow/deny policy - first account has admin rights. linux is the opposite - deny/allow. was invented this way.

    and time made linux as bloated as windows - but why blame microsoft for adding useful software to windows?

    if some don't like windows - don't use it.
     
  11. guest

    guest Guest

    many seem to forget that simple rule :D
     
  12. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,267
    Location:
    Southern Rocky Mountains USA
    More lack of design and forethought than insecure design. Windows is a vast hodgepodge of code that agglomerated new code over old code without a lot of planning. Backwards compatibility was often favored over security. All of this makes for a huge attack surface with many potential points of entry.

    Windows is always going to be a monster to secure. If you want a secure OS, you need one that was designed for security like Qubes and other hardened Linux distros. Even less secure distros are always going to be more secure than any form of Windows even without any special hardening due to a variety of factors but system architecture is always going to be the main one. Windows is like a vast sprawling city that grew without any central planning. There is structure yes, but not a well planned one.
     
  13. guest

    guest Guest

    note that Windows was originally designed when there were not as many malware threats as now; security wasn't a decisive factor; usability was; unlike Linux, which appeared far later when security was already a concern.
    Windows is everywhere; redesigning it from scratch would create complaints from devs or companies. Look at Win8/10: small changes and so much drama. I can't imagine what may happen if everything is redesigned.
     
  14. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    I did not have any trouble with win8 or 10 ;)

    I read some articles about Qubes now - it may be secure, but from my view now it may be complicated to exchange data between boxes and maybe other places on my system or network. And it's only a single-person environment.

    Its technology is not new and has been present for 20 years now - a virtual environment for nearly any app or access.
     
  15. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    That's not very nice :)

    So you're saying that because I have a criticism of the framework of Windows I should stop using it?

    If I took that approach to every software I would have to quit using computers as I find flaws in almost all software I use.
     
  16. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    So I installed the beta of GOG's new launcher.

    To install a game this occurs.

    Random executable files with random name generated in %temp% (unsure if signed).
    Launcher for the game put inside ProgramData which is not supposed to hold executables.
    Extra executables also placed in a ProgramData folder, the naming scheme of the folder suggests it will be renamed on any updates and each game will have its own folder.

    A security nightmare.

    I know why it has been done like this, as GOG developers have aimed to allow installation without UAC approval. Although Steam avoids this as it simply launches games directly from where they are installed.

    The idea of avoiding UAC for installation is misguided, as again if we compare to Linux, the idea is that if you install something, you sudo to root, install it, then switch back to your normal account; adding binaries in a secure OS should be an admin-side task only.

    I have contacted GOG and they said they like my feedback and will implement changes, so will be interesting to see what they do on this.
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yes, this is true, but like I said before, I believe that virtual containers are the most promising technology to secure Windows. And AppContainer is also interesting; it restricts apps even more. A simple example: apps can only access their own installation folder, which would make it impossible to steal password files from browsers, for example.

    https://blog.nextxpert.com/2013/01/31/demystifying-appcontainers-in-windows-8-part-i/
     