ILOVEYOU2, PC Matic!
Do like the cabbie.
One would think there are limits. But apparently there are no limits.
No limits to dumb. No limits to rip-off.
Stop being dumb. Don't get ripped off.
Most of this is pointless for 90+%. Perhaps it's explained by the so-called Dunning-Kruger Effect, which comes from the observation, time and again through rigorous studies, that smart people are doubtful about their intelligence but stupid people think they're fucking brilliant.
When first we came online in 1998, those in the know were gobsmacked by what we thought was just our kind of ordinary software. Forty apps in a ZIP of 300 KB? Were we kidding? Numerous times people wrote to prod us about our 'secret APIs'. We had nothing of the sort. And, we contended, it wasn't about us doing a superlative job as much as all the rest doing a really crappy job.
Once all the smart people had contacted us, as more and more people heard about this thing called the 'Internet', the intelligence level of those writing to us dropped, at first gradually, then more and more dramatically.
The same when we migrated to OS X and established our CLIXchange forum. There were some pretty bright people in that forum. Most CLIX users were from academia and jet propulsion laboratories. But most forum members used Apple's 'Unix' only as a stepping stone to something more serious, like a flavour of Unix or Linux. Those who were left found little reason to know squat about how their computers worked. Then came the mobile revolution of 2007 and it was all over. Dumb met Dumb and it was a perfect pairing. They truly deserved each other.
So it is today. But, looking through the rear view, one sees that people still use ordinary computers (laptops) and that most of them run Microsoft systems. For that there can be no excuse, and, when it comes to raw IQ, for humanity there can be no hope.
So any hope that this piece, or any number of similar pieces, is actually going to change anything is nonexistent. People are just too fucking stupid. Face it. It's a fact.
So why write this piece? Why go through all the trouble?
For the truth. The truth and only the truth. So the truth gets out there. So it's been said.
We first met him when he had only one white hair in that beard. (Actually it was grey rather than white.) And he let it grow long whilst trimming all around it.
And he'd sit there, philosophising with us, and was constantly pulling on that grey hair.
After a while I couldn't take it any longer, so I asked him.
'Hey what's with that long hair?'
'It's my first grey one. So I'm cultivating it.'
Brian is the man. Ken and dmr may have made Unix, but bwk's the one who got the message out there. When they say that Unix is not only an operating system but also a way of thinking, as they often did back in those days, it's because of Brian's contribution.
Brian instilled the Unix 'way of thinking' in everything he did, and his 'Software Tools' book series revolutionised computer science.
And the amazing thing about Brian - and we can say this, as we got to know him a bit - is that he took it all in stride. Brian was literally changing the world around him. He was a mover and a shaker. But, to him, it was no big deal. That's the way he treated it.
And, amongst computer science adepts, the best night table book remains The C Programming Language, first edition, simply for the way it's written.
Brian helps even today, even though he's unaware of what we're doing, as he provides the proper framework for all that follows.
It's been obvious for over twenty years that Microsoft products don't work on the Internet. Their Internet browsers are dangerous and incurable. Their email clients are dangerous and incurable. And so forth. You must never connect to the Internet with Microsoft software, period.
This doesn't apply to 'PC' systems in general. All PC systems except Microsoft's are safe. All PC systems except Microsoft's are Unix, or based on Unix. Microsoft systems are not based on Unix.
Explaining why this is so is beyond the scope of almost any article, and probably more than you'd be able to read. But Microsoft and Unix are generically wide apart. They can't be wider apart.
You'll not often hear so-called 'IT professionals' admit this. There are two possible reasons: either they don't dare tell you the truth, or they don't know enough to offer an opinion.
But look at the history of Microsoft online for the past 20+ years. Things really took off with the Love Bug (ILOVEYOU) on 5 April 2000. A script from the Philippines was downloaded to millions of Microsoft PCs and caused billions in damages.
Then things accelerated. Names like 'Code Red' were heard. Code Red didn't need user interaction - it infected Microsoft systems anyway. And wouldn't you know? The chief vendors of 'antivirus' famously gathered at a Canadian country estate to celebrate their 'good fortune'.
Here's another clue. Only Microsoft systems need antivirus. Another way of looking at it: the antivirus cottage industry wouldn't exist without Microsoft.
How does antivirus work? It needs people to submit malware they've found. The antivirus vendor will then inspect the malware and try to find a sequence of bytes (a 'signature') that uniquely identifies it. These signatures are what the antivirus will look for on a scan.
And if it's about a new malware that the antivirus vendors don't know about? Then it'll get through. Then you'll get infected.
[PC Matic uses the opposite technique: it doesn't 'blacklist' software, it 'whitelists' software - software it's familiar with - and all other software gets blocked. This is of course, ceteris paribus, a superior method. See below. Also, the other vendors aren't sitting on their thumbs, but instead try to find 'intelligent' ways to preempt attacks. Yet the fundamental premise stands: it's Microsoft systems that need protection, not the other (Unix) ones.]
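The two techniques described above, side by side, as an added example (not code from this article or from any antivirus vendor). The byte strings are constructed stand-ins, and keying the whitelist on SHA-256 digests is an assumption, not a description of how PC Matic works.

```python
import hashlib

# Constructed stand-ins for program files (not real software or malware).
SAMPLES = {
    "known_bad":    b"HDR..PAYLOAD-A1..END",   # already submitted to the vendor
    "new_variant":  b"HDR..PAYLOAD-B7..END",   # same family, matched bytes changed
    "approved_app": b"approved editor build 1.0",
    "unlisted_app": b"legitimate tool nobody has catalogued yet",
}
MALICIOUS = {"known_bad", "new_variant"}       # ground truth used for scoring

# Blacklist: byte sequences ('signatures') taken from submitted samples.
SIGNATURES = {"sample-family": b"PAYLOAD-A1"}
# Whitelist: digests of programs already known to be legitimate (assumed SHA-256).
WHITELIST = {hashlib.sha256(SAMPLES["approved_app"]).hexdigest()}

def blacklist_verdict(data: bytes) -> str:
    """Block only when a known signature occurs somewhere in the file."""
    return "block" if any(sig in data for sig in SIGNATURES.values()) else "allow"

def whitelist_verdict(data: bytes) -> str:
    """Allow only when the file's digest is already on the list."""
    return "allow" if hashlib.sha256(data).hexdigest() in WHITELIST else "block"

def score(verdict_fn):
    """Count missed malware and wrongly blocked legitimate programs."""
    missed = [n for n, d in SAMPLES.items()
              if n in MALICIOUS and verdict_fn(d) == "allow"]
    wrongly_blocked = [n for n, d in SAMPLES.items()
                       if n not in MALICIOUS and verdict_fn(d) == "block"]
    return {"missed": missed, "wrongly_blocked": wrongly_blocked}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:13} blacklist={blacklist_verdict(data):5} "
              f"whitelist={whitelist_verdict(data)}")
    print("blacklist:", score(blacklist_verdict))
    print("whitelist:", score(whitelist_verdict))
```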
There was malware before the Love Bug. But the Love Bug hit hard. It spread like wildfire through office networks and around the globe. Billions of files were destroyed. Cleaning up the mess cost billions.
Thanks to Microsoft, the types of malware became more advanced over time. Thanks to Microsoft, today there are things like 'ransomware', where the perps encrypt your entire computer and then demand a ransom to give you the decryption key. Thanks to Microsoft, today there's something called the 'RBN' - the Russian Business Network - with annual revenues in the billions. Note this malware targets Microsoft computers - and ONLY Microsoft computers.
As long as you use Microsoft products, you are susceptible and essentially defenceless, no matter how much 'antivirus' you have installed.
The people who design the malware buy the same antivirus as you. They buy all available products. Their goal is to continually create new versions of malware that go undetected by ALL antivirus products. Perhaps the antivirus vendors will eventually find a way to detect their latest malware. And, in such case, they'll just find a new way to sneak in undetected. It's a never-ending game, and you're the loser.
Have you ever asked yourself how Microsoft can in good conscience sell you products they know are hopelessly insecure, and inherently weak and flawed? For they've done that. And you've bought them.
Why won't they fix it?
Given that at least some system architects are aware of the dangers with Microsoft systems, why don't the people at Microsoft fix things?
That's an easy question for a system architect but not so easy for a layman to understand. But put it this way: changing the underbody of their system would make their huge catalogue of third-party products inoperable. It's this catalogue that makes Microsoft interesting. People buy Microsoft systems for the third-party software they need, not for the system itself.
Another tack they might try is to run their system inside a (safe) Unix system (sandboxing). That can be done - but if the third-party vendors could count on that safe Unix underbody, then they'd rewrite their products to directly interface with Unix and completely bypass the Microsoft layer. And then Microsoft would be out of the picture, irrelevant and unused. So Microsoft will continue to mislead you.
So much happens on mobile devices today anyway. But that's a different ballgame.
Appealing to the Stupid
Back to PC Matic and their adverts. The PC Matic people think they've studied their demographic. They appeal to the stupid like no company ever has before. They pull out ALL the stops. Really.
Listen to them slur one of the better companies out there (Kaspersky). All to stoke fear and win your trust. And sell more product.
These guys are slick, very slick.
Or how about this one. They're going to go into November 2020 election security, which should get you interested (to an extent at any rate).
Basically they're talking what in the industry is commonly described by the technical term:
'Cyber security for election machines should be a priority... but is it?'
'What is going on with those machines? Rob is checking in to it.... because without safe elections, we don't have a democracy!'
The one thing they will not mention - listen yourself - is the fact that those machines traditionally ran... Oh, you guess what system.
And so forth. The whole thing is an infomercial. Not much more.
'We feel like they're lying to us', says hostess Liz Calloway. Oh the irony.
If you want to discuss collateral damage from Microsoft systems, start right there.
Paper ballots, the PC Matic guy suggests. Bingo. The first and only honest thing they say.
See this from June of this year.
'PC Matic is not your typical antivirus software. Instead of using a blacklist of known malware like most antiviruses do, PC Matic's antivirus scanner has a whitelist of all known legitimate programs. It blocks any program that's not on the whitelist.
'I was curious about whether PC Matic's unconventional approach to malware detection would really work. To find out, I tested it against a wide range of malware, including viruses, trojans, and ransomware. I also assessed its additional features, ease of use, and overall value.
'During my tests, PC Matic's malware detection rate was 100% - while that's good, it also blocked a lot of completely legitimate programs.
'Honestly, I don't think PC Matic can compete with the best antivirus programs in 2022. However, it's a decent, low-cost antivirus that provides good protection against malware.'
The very idea that the computer you purchase is not complete out of the box, that it requires additional products, running through a minefield to make it to the bomb shelter... That's what you get. Microsoft is the theft that keeps on taking.
Searching for Alternatives
No system is completely 100% secure. Some high-brow systems in India achieve the highest 'Orange Book' ranking, but they're rare. And there are differences between the various Unix 'flavours'. But the gap between all the available Unix systems on the one side and Microsoft systems alone on the other: that's a gap wider than the Grand Canyon.
Why MS Systems Need Protection, Why Unix Systems Don't
Microsoft's 'Windows' system is a hybrid. A mishmash. Microsoft started with the totally defenceless MS-DOS, then put Windows on top of it, then bargained with David Cutler to come to Microsoft to further develop his system for his former employer, 'DEC' (Digital Equipment Corporation), which turned into 'WNT' or 'Windows NT', and so forth.
But Cutler's WNT was not meant as a standalone personal computer system or personal workstation system. Cutler's system was meant only to be a 'file server' - to be able to serve up files to people on other computers on request (and authentication).
Bill Gates waited some two years before explaining this to Cutler, who all along was led to believe he was only completing his file server system. Gates in fact asked for two distinct versions, one for network servers, the other for network workstations. Cutler put in some sneaky mumbojumbo in the server version to disable the more advanced features and called it the 'workstation' version. (Cutler never bought into the Gates myth, one might surmise.)
But these two systems were perfectly capable of running on Microsoft's old file system used with MS-DOS. And an operating system with the MS-DOS file system cannot be made secure. No matter what. Sad but true.
Cutler had his own file system - NTFS - but that would see the light of day later. And, once again, the file system targeted file servers, not personal computers. NTFS had fine granularity when it came to file permissions, but that's a system that network admins can tweak once and leave in place forever - not a system that ordinary users can mess with on a continual basis. So, although Windows 'OOTB' ('out of the box') may seem and act as if it's fundamentally secure, that security falls apart more and more as the system is used.
And that's only the thin end of things. For if malware can make it onto your computer, it can find so many cosy places to hide - something that's impossible on a Unix system, both in theory and in practice.
Unix file system security is both more robust and simpler. And, as is often said, there is elegance in simplicity. Unix practises what's known as 'mandatory access control', as opposed to 'discretionary access control', meaning the following.
- With discretionary access control, you can choose to define (limit) access to your files. But you don't have to.
- With mandatory access control, you have to define - or limit - how your files are accessed.
A good file system security model will work hierarchically. That is to say: files within a 'hierarchy' will be protected by the access attributes applicable to parent directories. This is of incredible importance to Unix users, but it's basically lost on users of Microsoft systems.
Here's the console value of the variable $PATH on a Unix system.
The colons are field separators, so the 'PATH' directories are (reordered):
That's where you find all the basic Unix command files. You can't get anything else (such as malware, or anything for that matter) into their directories. You can't change the permissions on those directories or on their contents. None of that.
All four of those paths are protected. As are the files within. You simply cannot put any new files in those directories. You can't remove any of the files already in those directories. And you cannot tamper with any of those files either. You simply can't.
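A way to check the claim above on your own machine, as an added example (not code from this article): it splits a PATH value on the colons and reports each directory's owner and mode, flagging any that someone other than root could write into. The function names are hypothetical.

```python
import os
import stat

def audit_path(path_value):
    """Return one record per directory in a colon-separated PATH value."""
    records = []
    for entry in path_value.split(":"):
        if not os.path.isabs(entry):
            # An empty or relative entry resolves against the current directory,
            # so whoever controls that directory controls what gets run.
            records.append({"dir": entry, "mode": None, "uid": None,
                            "issues": ["relative"]})
            continue
        try:
            st = os.stat(entry)              # follows symlinks, as the shell does
        except OSError:
            records.append({"dir": entry, "mode": None, "uid": None,
                            "issues": ["missing"]})
            continue
        issues = []
        if not stat.S_ISDIR(st.st_mode):
            issues.append("not-a-directory")
        if st.st_mode & stat.S_IWOTH:
            issues.append("world-writable")
        if st.st_mode & stat.S_IWGRP:
            issues.append("group-writable")
        if st.st_uid != 0:
            issues.append("not-root-owned")
        records.append({"dir": entry, "mode": oct(stat.S_IMODE(st.st_mode)),
                        "uid": st.st_uid, "issues": issues})
    return records

def weak_entries(path_value):
    """Only the PATH entries that have at least one finding."""
    return [r for r in audit_path(path_value) if r["issues"]]

if __name__ == "__main__":
    for rec in audit_path(os.environ.get("PATH", "")):
        status = ", ".join(rec["issues"]) or "ok"
        print(f'{rec["dir"] or "(empty)"}: mode={rec["mode"]} '
              f'uid={rec["uid"]} {status}')
```

Run it as an ordinary user: a directory reported as root-owned with mode 0o755 is one you cannot add to, remove from or alter, while any entry with a finding is a place where that protection does not hold.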
Unix wasn't designed to be a super-secure Bombay box. But it wasn't going to be wide open like a Microsoft system either. Initially there were about twenty-five PhDs ready to play around with it (twenty-four, actually: the odd man out was a BSc from Berkeley, the chief system architect). They had to make sure their coming system was smart enough to protect itself from them, protect them from each other, and protect the system from itself. That's what they designed. Microsoft's legacy had no such considerations. None.
Cutler's system is more complex, attempting to do little more than a Unix file system, but making it oh so difficult for users to constantly tweak. On a file server? It's good. For a workstation or PC? Nope. So security on Microsoft systems will constantly deteriorate over time.
Once again: you can't hide anything on a Unix system. You can prevent users or groups of users from reading, writing, running, renaming, removing files, but you can't make them disappear. But on a Microsoft system? Hiding things in the 'Registry' is not 100% the same as 'hiding', but if one were, for example, looking for a needle in a stack of needles... Even Microsoft programmers have used the Registry to hide things! It's just too easy for malware to pick a cosy spot and wait to be activated. A Microsoft system is a system begging to be hacked. (Perhaps that's why it happens so often?)
They're very passionate - like one of those Sinclair Group mashups. But you notice there's one thing that's missing. One thing that's never mentioned. That's the way the best propaganda works: stick to the truth but leave out that one crucial detail that makes all the difference. With Covid it was Ivermectin. With antivirus it's Microsoft.
And this is funny?
You'll never convince an ingrained Microsoft user that Microsoft is not the way to go. Yet it's Microsoft that's polluted the Internet and made computing something it's not supposed to be.
Computing is supposed to be like the Computer Science Research Center in Murray Hill, New Jersey. A place where devoted and talented people work to invent things that are good for humanity. And not a place that more resembles the open market at Times Square after midnight.
A place where people aren't afraid to go online. For fear of 'porn storms'. So they literally yank the cable out of the mains to shut the danged thing down. Where website after website offers databases so you can find out more about those 'suspicious' files you've just found, the ones you keep deleting but somehow never go away...
You don't want that, but the frogs in their Jacuzzis will accommodate.
But it would be that simple if they'd just switch. Then they could be proud that they'd also helped make the Internet just a little bit safer.
Crooks there will always be. But cleaning Microsoft off the Internet would force organised crime to return to the streets. It's possibly more difficult to rip someone off if they're more than a few numbers on a computer screen. Remove Microsoft from the Internet and things would revert to the way they were before Microsoft came along.
You don't need antivirus in a Microsoft-free world. Not only are you satisfactorily protected for the first time, but the ROI (return on investment) for malware creators gets too low, and they'll be forced to find other things to do. And everybody wins.
Geoff White contacted us early on when he was researching his book on malware and online organised crime. We gave him what we had and helped him come in contact with others who'd been part of the hunt for ILOVEYOU.
The Radsoft collection is here.
Geoff has a new book out. The promo's here.
Geoff won't be back from holidays until after publication of this piece, but there are important details to clarify. Such as 'exactly what type of personal computers were they using at the Bank of Bangladesh?'