Editorial: A clear and present danger

Linux and Main ^ | August 22, 2002 | unsigned

[dep]

If the U.S. government were truly interested in preserving the nation's security, there would be tanks, soldiers, and flame-throwers encircling the Microsoft Corporation at this very minute, and not to guard the place, either.

We're kidding, but only a little. Is there anyone, anywhere, who does not think that the monkeyshines in which Microsoft is increasingly engaged are more a threat to the country's well being than were the ravings a decade ago of David Koresh?

We hold no special brief for Koresh other than to note that he and his followers by all accounts were minding their own business when 76 BATF dropped in unannounced, guns drawn, on February 28, 1993. And we note that the penalty ultimately exacted, on April 19, 1993, was high by most standards.

Microsoft Corporation would say that it is minding its own business, too -- literally. Unfortunately, its business at present is to extend the monopoly which it has already been convicted of illegally extending, to the point of seizing the Internet as its own and forcing upon equipment makers hardware that would make it impossible to run any software of which Microsoft does not approve.

If computers were no important than toasters, and if Microsoft Corporation had ever shown the slightest responsibility toward and for anything other than itself, this would not be a concern. But like some apocalyptic science fiction novel, Microsoft is positioning itself to do nothing short of controling the commerce of the entire planet. It is positioning itself such that computers which work at all do so at Microsoft's pleasure -- with Microsoft having the power to shut down and and all of them whenver it so desires. This is not, unfortunately, an exaggeration.

There are those, and we are among them, who would consider this a tremendous threat.

It's possible that you do not believe it's all that bad. You needn't be a conspiracy theorist, though, to find the evidence compelling:

• Microsoft has patented hardware which meets the specifications of proposed legislation designed to prevent piracy. We wrote about it a few months ago. It won't be approved this year, but it'll be back next year and, if necessary, the year after. Failure to comply would mean time in federal prison. Compliance would mean Microsoft software or software of which Microsoft approves.
• Perhaps finding aging Southern Democrats not entirely reliable, Microsoft is pushing the technology via a P.R. campaign, having named the thing "Palladium." (This would attach a digital certificate to everything that passes through your processor. Microsoft's experience with certificates has not been good -- the company still has not fixed an operating system problem which makes certificate forging trivial; it took KDE less than a day to fix the same vulnerability.) Again, this means that only Microsoft-approved software would run at all on any new computer; it would be easy for and typical of them to change protocols to the extent that most computer users would need new hardware. They do it with their software all the time.
• There is evidence to suggest that Microsoft's infamous lack of security is deliberate -- there to create a problem which the company would then fix through proprietary protocols, which would in effect give it control of the Internet.
• In the meantime, Microsoft is actually getting permission from Windows users to drop by and disable anything it wants, anytime it wants, on their computers with or without notice. We cover that one here, along with a general trend by the company to slip into its license agreements new provisions without going to much trouble to let signatories to those agreements know. Among other things, this means that anyone who has upgraded to the newest Windows Media Player has given Microsoft Corporation rights to total control of his or her machine. Where else might such control have been ceded, unbeknownst to the computer owner?

  There is a school of thought in security circles, "security through obscurity." It means, essentially, that if you're sufficiently quiet and unnoticed, crackers will probably hack something else. Microsoft's strategy might be styled "dominance through audacity." The things they are doing are so outrageous that most people will look upon them as too outlandish to be believed. And the company is doing a good job at it -- by comparison, the United Fruit Company was a foreign-aid charity.

  Microsoft's plans truly are playing out as if they seek world domination -- not domination of the world's computers, but domination of the world itself through an ability to manipulate and control all those computers. It's not often that we think the government of China is behaving more sensibly than Western governments are, but in this case we must.

  The United States Department of Justice had the opportunity before it to greatly reduce the Microsoft threat which -- make no mistake -- is a threat to the security of the nation. The Justice Department has failed miserably.

  We don't often say this, either, but this is a job for Janet Reno. Perhaps she'd agree to serve if she were promised that she could send the survivors, if any, to Cuba.

[3k9pm]

And this makes them more dangerous than uncounted illegal aliens, terrorists, and who knows what else slipping across our so called border on a daily basis?

Get real.

MS may not be the most pleasant corp in our history but it certainly isn't a threat to national security.
In fact, I believe that without MS standardizing the software platform almost everyone uses today, the internet would be a mere shadow of what it is today.

[APBaer]

"We are Microsoft [Borg v.1].
You will be assimilated.
Resistance is futile.]"

[speekinout]

Good article. Most people don't realize how hampered they are by a monopoly. If Ford had managed it, we'd all be still driving Model T's and saying that they are better than horse drawn carriages.

[scab4faa]

HAHAHA you beat me too it.

Have I said lately how much I hate Microcrap?

[Balding_Eagle]

THIS is an example of your critical thinking powers?! LOL!

[altair]

There is a school of thought in security circles, "security through obscurity." It means, essentially, that if you're sufficiently quiet and unnoticed, crackers will probably hack something else.

This is totally wrong. "Security through obscurity" means you hide your algorithms and your code and pray someone cannot guess a way to break in. Good security (IMO) is where you publish the algorithms and the code and let the community audit them. Consider, for example, the new AES (American Encryption Standard) is fully disclosed, but is none-the-less very strong.

[SoDak]

In fact, I believe that without MS standardizing the software platform almost everyone uses today, the internet would be a mere shadow of what it is today.

Ding, ding, ding. Totally right. This is what I have said all along. I'm a Unix administrator, and generally I avoid using MS whenever possible, but the Microsoft "monopoly" was exactly what was needed at the time to get everyone on the same page. Sure, it would have been nice to have had a better OS to centralize around, but we didn't. Like it or not, MS drove the 90's boom. The debut of Windows 95 skyrocketed companies like Gateway, Dell, and Compaq. This, in turn drove companies who provided components, services, and support.

[altair]

MS may not be the most pleasant corp in our history but it certainly isn't a threat to national security.

You didn't read through the companion articles. It says here:

Nor is that the only place where this policy is being employed. The End-User License Agreement with the "security" update to Windows Media Player in June contained this provision:

"Digital Rights Management (Security). You agree that in order to protect the integrity of content and software protected by digital rights management ('Secure Content), Microsoft may provide security related updates to the OS Components that will be automatically downloaded onto your computer. These security related updates may disable your ability to copy and/or play Secure Content and use other software on your computer. If we provide such a security update, we will use reasonable efforts to post notices on a web site explaining the update."

"Automatically downloaded" means there's a backdoor into the computer for Microsoft's use. It also means bad guys can use the same (mis)feature to install malicious software.

[supercat]

...the Microsoft "monopoly" was exactly what was needed at the time to get everyone on the same page. Sure, it would have been nice to have had a better OS to centralize around, but we didn't.

Indeed, I remember when many programs would support half a dozen video cards, but not the same half a dozen. Buying any video card that went beyond the "obvious" VGA extensions (e.g. including 512K by extending the map from $A0000 to $BFFFF using normal 'bit-plane' access, and allowing register programming to reach 1024x768) meant knowing or guessing what software one would need to use with it. For all of Microsoft's problems, they did manage to get the driver business solved well enough that one could buy software and hardware independently.

[3k9pm]

And this malicious software can disable or launch our nuclear arsenal how??

This is not a national security issue.
Personal privacy issue, yes.
Chicken sh*t way to do business, yes.