Friday, November 23, 2012

Why Windows is akin to the wild, wild west

One of the problems as a Windows developer is that Windows violates many core principles of a protected mode Operating System. Namely, that applications should be isolated from one another. The ease of DLL injection via shell hooks is simply absurd, as is users running with administrative rights. Although UAC helped a little with the latter, it didn't do much since any software installation requires elevated rights. During installation, whatever happens, happens ...

Now, this wouldn't be a problem if there wasn't so much crap out there. There are two issues. One is poorly written applications that map themselves into other processes, causing problems throughout the system, sometimes quite randomly, or sometimes very selectively.

The other issue is malware or other unwanted applications like pay-per-install toolbars. These things get bundled up with software that is often free and open source. Download sites then pay for advertisements and fight for search engine rankings. It is legal for them to do this with free and open source software, regardless of what the author wishes (depending on the license). For commercial software, the vendor can at least protest. Of course, since a certain otherwise well respected download site set the precedent for allowing bundles, or download managers, this has become more common than ever, and something that can only be expected from most download sites that host their own files. The few exceptions out there are gems and we'll have to hope they don't give in to the financial temptation.

So, we end up with an environment which is absolute chaos. Any PC that gets anything installed, or used for that matter, is going to likely end up, over time, in a state of severe degradation, if not being totally compromised from a security standpoint (0wned ;p). Since malware, once installed, can hide its presence completely from any scanners while the OS is booted, your security software won't do much after the fact, and usually doesn't do much before the fact. In fact, false positives are a huge problem because they are trying so hard to find some way to determine what bad software even looks like. There is no pattern to it, as there was with viruses.

This may change, to some degree, with Windows 8 and the new Microsoft App Store, assuming it takes off. Though these stores have proven to be highly exploited as well, since it is difficult for them to define what a 'bad' application is, and therefore you end up with shady vendors operating in every shade of grey they can. Microsoft does at least seem to be taking the vendor verification process seriously, as we at Bitsum had to undergo pretty strict integrity checks.

Oh well ... that's just how it is.


Do remember that a more strict application ecosystem does mean a lessening of freedom. Just like some vendors are now locking the OS on the device, applications you might want to use that aren't certified won't be available!

No comments:

Post a Comment