Even if Moore's Law is "running out," there's still plenty of room at the bottom

I find it pretty difficult to believe that any general-purpose computing system could ever be completely free of that possibility.

Yeah, I regularly clean up Linux servers that are riddled with botnets and malware as well. Doesn’t mean I blame it on the operating system, though (well, not unless it’s actually an OS-level bug that allowed it in).

3 Likes

For all the bitching and moaning about how win10 home was “oh, security update, no, you don’t get to say no unless you want to air gap the machine,” this is the exact reason why.
Hell, when we got off of win9x at Boeing and they started locking down desktops with group policy, I was all GOOD! I cleaned up way too much crap on boxes that got regular virus defs and updates, and the users who should know better still installed crap or clicked email attachments just to see what it would do, and these were engineers who build airplanes.
While I was grumpy about not being able to set up a delayed schedule, I totally know the why and I can’t fault them for it at all.
For Android I figure if I am not willing to spend the few dollars on it I don’t need it that bad. I would like to root my nook just for funs but I can’t think of any useful reasons other than just to do it so I haven’t yet.

3 Likes

I work with a reality based threat model. That means that I don’t evaluate software based on what’s on the install DVD and nothing else. I construct a threat model that is how it is actually used.

If someone makes a perfectly secure OS but 90% of the world installs a Java VM and then Minecraft on it, followed by going onto a network to play it, then I look at the whole package.

Operating systems are shit. They allow users to do certain things, probably due to lack of foresight (for some operating systems) or assuming that everyone is a technical wizard (for others).

So, yes, I blame Android for creating an operating system where a vast portion of its market is running malware. I blame Google and the phone vendors for focusing on the bleeding edge and abandoning older versions, which leaves people on them high and dry. I don’t know current numbers but more than half of Android users were running a two or more year old version of Android the last time I checked. Great, 6.1 fixed all those security holes. Too bad everyone is running some version of 4 and their vendor will never ship an update or, if they do, it will be a year from now…

iOS has problems and I don’t like the locked down app store. I’d like to see alternative stores allowed from vendors. That said, unless someone tricks the app store into distributing malware, the chances of an iPhone or iPad user joining a botnet or getting malware are close to zero. Apple ships all OS updates directly to users as well. This is something Android and Google can’t say.

4 Likes

Which is what is on my nook and no chance of an update being available for it. If I want a newer OS I gotta drop $150 for a new one which is just goddamn annoying as it is still quite a usable piece of hardware and probably will be for many years cause I do my best to take care of my toys.

3 Likes

The fact that, in order to have an even halfway secure Windows system, you need to limit most of your own access (don’t run as an admin) and run a constant anti-virus scanner and network monitor on your system should tell you something. I worked at Microsoft for nine years but I won’t run Windows anymore except when I’m being paid to do so (and then only for as long as necessary). I won’t run it day to day.

I run OS X with Little Snitch (a third party firewall) installed and running in a pretty paranoid mode. Except for a few apps, I have to manually approve all outgoing network connections. I have Flash disabled in my browser except when I manually turn it on. I run uBlock Origin, Privacy Badger, and a number of other browser extensions to keep track of things. When I need to run a random downloaded piece of software (or most things Linux or Windows), I fire up VMware Fusion and run it in a virtual machine. When I’m done with that work, I wipe the VM back to its previous state. I use Homebrew for a certain amount of Linux tools and I compile some software from known sources. That’s it.

1 Like

Windows is a shit-show security-wise, yes. But blaming the operating system for things that really aren’t within the creator’s control is a bad policy. Personally, I’ve never actually needed to go to all that trouble to be “secure” on Windows… all it takes is a little awareness. And if I screw up, then that’s on me, not the OS.

The whole reason I moved away from iOS is because it wouldn’t allow me to do what I wanted/needed to do. Even if it did, it’s not as though iOS is entirely free of malware either… and, hey, it’s still the old story of the user downloading something they shouldn’t.

Using a threat model of how software’s actually used is great for security thinking, but putting the blame of how the software’s used on the software itself is a bit backwards. Software’s a tool, it can and will be misused. And if the user’s actively breaking the law, that’s darn well not the OS’s fault!

1 Like

If I hand someone a gun and bullets and say “Have fun!” and leave, I’m not going to be surprised if I hear a gunshot later.

I blame everyone. I blame myself for giving them the tools. I blame them for being stupid. I blame computer science, in my daily life, followed by computer engineering, for creating the shit show in concert with capitalism. It’s all shit.

If I hand someone a screwdriver, walk away, and later come back and find they’re using it to hammer in nails, that’s not the screwdriver’s fault.

2 Likes

It is splitting hairs.

At the end of the day, it is what the user does with the software that matters and people are not technical and are, by and large, not going to put in the work to be technical. With that knowledge of humans and their nature in mind, maybe we should design software that isn’t akin to handing them a screwdriver and then leaving them alone in a room of wall sockets with screwdriver shaped holes. We know what is going to happen.

I want security defaults that are locked down enough that stupid people won’t fire a footgun. I also want the ability of informed people to override these constraints if they know what they’re doing. iOS (and OS X’s current direction) gets about half of this right. I think requiring all apps to be signed by certificates with a validated chain and throwing up a “Whoa whoa whoa!!!” block when people try to run unsigned shit would be a good start for Android. Of course, history has shown that if you make an app that requires people to root their phone and then make it really sexy, people will just google how to root their phone and install it. At that point, I just give up.

I still blame the vendors. All of them. I’ve worked in software for my entire post-college adult life and I think the industry cares more about cool new things and selling stuff and almost nothing about liability. This leads to a lot of poor design and poor decision making during software development.

No, we don’t. That’s the trouble of it all. Until someone invents the evil bit (or an equivalent for users… a “stupid bit”?), it’s not going to matter what hoops you put in the way. Normal people are going to use these tools to accomplish what they want to accomplish, and evil people are going to work out ways to exploit what the normal people are doing.

It’s all well and good for the OS to put some hoops in the way, but in the end, the user needs to have responsibility if they ignore the warnings and then screw up. If you try to build a fool-proof system, someone’s going to prove they’re a better fool.

Let’s do nothing then! The current state of the art is dandy! :)

1 Like

Ah yes. American gun regulation.

4 Likes

Hey, I never said that. Don’t put words in my mouth. I’m just taking issue with the idea that the OS is responsible for users doing stupid crap that they know darn well they shouldn’t be doing (and that they have to do some research and have some technical knowledge to do anyways, to boot!).

Android’s got its problems (for instance, with update delivery… though I’ve got a Nexus, so I don’t have any issue with updates myself…), but I wouldn’t put “users figuring out how to root their systems, then actively going out and pirating software, and being bitten by malware from shady sources” as something that’s purely Android’s fault.

1 Like

But we know users will do stupid crap and yet we design operating systems and software without taking this into account (from what I can tell) or even vaguely trying to stop them or, often, slow them down from their own bad actions.

I blame the software and its creators because (a) I work in the field and (b) because I can’t blame the users for just being normal people. The software industry has fucked up priorities and “security” has only vaguely been one for the last decade or so. I mean, I worked on Internet Explorer when it invented cross site scripting and then advertised it as a feature in IE.

1 Like

Well, not a day goes by that I don’t have to waste nontrivial amounts of time convincing various software that I really do want to do some action that may be vaguely, potentially dangerous, but which I know darn well isn’t dangerous and that I need to do on a regular basis. So… yay?

2 Likes

I thought you ran Linux.

Ok…?

As if it mattered, yes I do, in some cases. And I run several other operating systems too. Right tool for the job, and all that. And then there’s the ones that I support, which is a whole other can of worms…

You may have misread something I said earlier.

That talk seems to be based on

Hill, M., Marty, M.: Amdahl’s Law in the Multicore Era. IEEE Computer 41(7), 33-38 (2008).

The video itself was uploaded in 2010, so at the very latest, it’s based on what we knew six years ago. In terms of Intel CPU releases, it’s somewhere between Core 2 and Westmere.

One can assume, therefore, that in 2016, there are several microarchitectures that incorporate some of the assumptions of Hill and Marty. How have these assumptions panned out?

1 Like

Nixie’s Law?

It sounds to me as if the problem here is largely the approach of treating computers, operating systems, and software as consumer products. They are essentially technical, and when companies decide “wouldn’t it be great if we could generate more revenues by pushing these as lifestyle accessories for non-technical users” the intelligent course of action might be to not play along. When businesspeople and politicians throw up lamebrain ideas like this, I expect scientists and engineers to know better than to cooperate. When the commodity of the moment is advanced technology, these same scientists and engineers are the ones with all of the power, but they sell themselves short.

Everybody who has a computer, whatever its form-factor, is not only a mere “user” but the administrator of their network. And the trend towards obfuscation and lock-down strives to deny and obscure this fact. The ultimate destination of that path is that the vendor is the admin of a system which the user merely plays in. When people fail to administrate their systems well, despite lots of good advice and tools, it can be either a learning process which they choose to learn from (or not) - or a cynical grab to rent them toys controlled by others. I prefer the former. Some have decried this as being “elitist” (which it technically is, in some ways), yet they never have this complaint when the topic is other technical equipment. I.e. “the average person should find cheap idiot-proof logic analyzer scopes at Walmart”. The main difference is the marketing and desire to capitalize upon unskilled users/admin, which we would be better without.

That’s it! I agree completely. But why should anybody else, such as users or engineers care what “the industry” wants? Like any minority of investors, they exist to benefit themselves. I’d like to see more life-improving disruptive technologies which require technical competence, because it is a way to improve the social climate by growing past the tired drive of exploiting people for the sake of selling crap. Knowledge is power, and people who should know better are casting the goose who lays golden eggs before swine (see mixed metaphor topic).