
Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at Sûnnet Beskerming.


Windows 95 Turns 10

Last week marked ten years since the introduction of one of the most influential software applications of the modern computing era (August 24, 1995). Microsoft released their Windows 95 Operating System to eager PC users, the first 32-bit Operating System for personal computer users running IBM-PC compatible systems. IBM and Apple looked on in interest, as Microsoft was finally releasing their much-hyped next generation Operating System, which would bring to the mass market many features which OS/2 (IBM) and System 7.5 (Apple) had provided to their respective users. Although not a true Operating System at that stage (it was a graphical application which rested on top of a modified MS-DOS), it was a resounding initial success.

For many years, IBM-PC compatible users had dismissed the mouse and the graphical user interface (the GUI) as merely toys, something that 'real' computer users could do without. The release of Windows 95 changed that approach, and allowed Microsoft to aggressively pursue their goals of increasing the size of the Personal Computer industry. This was spectacularly achieved with Windows 95, and the following consumer version of Windows 98. Unfortunately, a large number of the new computer owners (and users) had no in-depth knowledge of how their systems worked, preferring to remain in the position of knowing how to achieve the tasks that they needed to, and not much more.

Even with this success, it may have laid the seeds for the persistent security problems facing Microsoft Windows users, even now. While the security of the competing consumer, and business, Operating Systems was not all that advanced, Microsoft's mass market appeal made it more susceptible to future abuses, as it fostered the introduction of a large, semi computer-literate userbase. The slow recognition of the emerging importance of the Internet was an extremely costly mistake for Microsoft. The addition of an Internet browser (Internet Explorer) was such a late inclusion that it was not present on retail copies of Microsoft Windows 95, but was on the OEM versions.

The power of the new Operating Systems gave software developers a very useful development environment, and the low level of security knowledge at the time meant that developers were not too concerned with possible abuses of their applications such as buffer overflows. In the gold rush to release software, security took a back seat, along with multi-user management (especially difficult in a single user Operating System), and the after-effects are still being felt now, as the descendants of this coding approach are being exploited in the modern networked computing environment.

Some of the sharper historical wits have highlighted a unique coincidence with the release date of Windows 95. August 24, AD 79, was the date that Mt. Vesuvius erupted, burying the cities of Pompeii and Herculaneum. Perhaps a parallel can be drawn with the effects of Windows 95 on modern computing.

In some more positive news for users of Microsoft's Internet Explorer, it has been suggested that the anti-phishing component of Internet Explorer 7 will be provided to users of Internet Explorer 6, via a plugin to the MSN Toolbar. In addition to needing Internet Explorer 6, Windows XP with Service Pack 2 installed will be needed as the underlying system. There is no news as to whether other versions of Internet Explorer, or Microsoft Windows, will have the protection made available.

The recent Zotob worm release, covered in last week's column, has already seen a number of arrests over its creation and release. Because of the relation to the earlier Mytob worm, authorities are confident that they have arrested the originators of that worm as well. Given the willingness of companies that have been hit with damaging worms to call for severe punishment (to hide their inability to protect their systems), and the history of the German teenager (Sven Jaschan) who released a Sasser variant, it is likely that the people currently in custody are to face some significant jail time. The arrests were carried out in Morocco and Turkey, and it is not known whether there will be any attempts to extradite the suspects to other countries to face different legal systems - although the FBI are currently indicating that they will not be seeking extradition. From the reporting surrounding the case, it appears that the teenage Moroccan was the author of the Zotob and Mytob worms, writing them for the Turk, who paid for their creation.

The FBI was involved with tracking down the suspects, and utilised technical assistance from Microsoft in finding the source of the worms. The Moroccan teenager was known online as Diabl0, an identity which was already known as the originator of the worm. Various security mailing lists were fully aware of the identity Diabl0, but not the real person behind it. It was suggested that the slip-up was the result of the Turkish hacker attempting to move funds from users whose systems had been compromised, but the case is still under investigation. The tracking and identification of the suspects was achieved through electronic means only, separating it from Sven Jaschan's case, where he was identified by associates.

The popular open-source media player, mplayer, has recently been found to be vulnerable to a memory overflow attack which can result in the execution of code of choice by remote attackers any time that a specially crafted audio or video file is opened. The existence of mplayer has been a boon for a lot of Linux users, who have otherwise been at a loss for being able to replay audio and video without booting into another OS. All versions prior to 1.0pre7try2 are vulnerable, and the recommendation is to upgrade to this version. While it is not known whether it is being actively exploited, it could become the basis for a worm that would spread through Linux based systems (one of few possible chances).

With similar news circulating for a while now, another set of weaknesses has been found in the various in-room electronic services provided in many hotels around the world. While most of the vulnerabilities that have been disclosed to date are the result of an incorrect installation and setup, the most concerning reports suggest that the core services are vulnerable to various active and passive attacks, including capture of all traffic crossing the network (i.e. view other hotel clients' mail and websurfing), and insertion of content of choice (i.e. reprogram all television channels to show the adult PPV movie, which has also had payment restrictions bypassed). When traveling and staying in a hotel which offers this sort of facility, it is important to apply the same sort of caution to your online activities as you would in an Internet cafe. Essentially, any network connection made from such an environment should not be considered a trusted connection, and you should apply your own internal checks and balances to ensure against compromise.

29 August 2005
