Tuesday, January 03, 2006


"Windows PCs face ‘huge’ virus threat" -- but why do we put up with this?

There is news you can hardly find in your daily paper or even on the Internet: a discussion of exactly why viruses and worms can infect your computer. And how much this is hurting business and personal productivity. And what should be done differently so that we can continue to compute on our desktops without this scourge.

The latest threat, and it could be a biggie, is in this article: Windows PCs face ‘huge’ virus threat on the Financial Times website. Now any picture can be a "dirty picture", or actually a dirty bomb, dropping a virus into your computer if you just look at it.

This has really gone too far. The general assumption is that it has to be this way, that we are being victimized by all those criminals or evil people out there (many of whom may be children!). We need to search more deeply for the source of this plague, both within ourselves and within our computers. Within ourselves because the problem has been allowed to continue too long, and within our computers, because that's where the primal fault lies: the architecture that allows a child in Asia to plant a program in your computer that you don't want there and you don't control.

Imagine for a moment that you lived on another planet. Your PC could not ever be infected by viruses, worms or trojans. Your mom, uncle, or grandmother could simply buy one at the MarsUSA store, take it home, send you some interplanetary email, check the weather back on Earth, and enjoy some classical Mars music.

Well, your grammy on Earth could do the same, except that Microsoft/Intel are not bringing her the technology that we've had on this planet since the mid 1980s. In those days time-sharing computers ran 600 or more simultaneous users at once. Of course Ford could never access data in the space used by General Motors or Chrysler. If that could happen--even once--the time-sharing vendor would be out of business.

They prospered because they used hardware and software that made sure a program could only run in its own space.

Ask yourself, Earthling, why is it that some code arriving in your computer has complete access to memory and your hard disks? That is, any code, whether a valid program, malware, or a programming mistake, can read or write anywhere it likes. It can write into your Windows/system directories, and--get this--it can read your Outlook address book! Now go back to the time-sharing computer technology. Any program that tries to access memory outside of its space, or read or write hard disk it has no permission to access, will either get an error message or be booted out completely.

If this architecture were used on the PC (which still resembles most closely the original single-user IBM PC of yore), a virus arriving in your computer might be able to run, but it couldn't do anything to you. Maybe it could compute pi to a thousand digits, but that's about it.

On the mainframes, writing to disk looks something like this (for GE/Honeywell/NEC computers): the program lays out its data in a buffer space it has previously requested. It then does a MME (Master Mode Entry, pronounced "mee-mee") with stuff in the registers indicating that it wants to write that data somewhere. If it's ok to do that, the operating system takes the data and writes it. The program cannot actually write anything, there's no instruction it can execute to write. It doesn't matter what a kiddie in Korea knows, there is just no way to write outside the allowed space.

And the same for reading or writing to memory. This is actually very simple. And of course, no mere program may write anything it wants into the system area. In your PC, anything goes, and as time passes, the Windows system area gets filled up with all kinds of stuff that Microsoft had nothing to do with putting there. No program should have access to the operating system area at all--it should remain as pure as the day it was installed. Imagine that. And if it needed replacing, it just asks all running programs to hold on a microsec or two, replaces itself with the new version, and off we go.

Well, will we have to throw away all our Windows apps to evolve to this kind of a system? If so, I'd do so happily. But with processor speeds so high these days, probably current apps can run in an emulator. Maybe Windows as we know it could just be an app under the new OS.

The virus-writers are getting increasingly clever as Windows is getting dumber, with new holes opening up regularly. Now you can get a virus by viewing an image. That's crazy.

If business put Microsoft/Intel on notice, they would get results. How long will we continue to take this? It's a tremendous drain on business and individual productivity. Why don't we use the technology that's available and end this plague of viruses?

That's the story you never see discussed.


Post a Comment

Requiring those Captcha codes at least temporarily, in the hopes that it quells the flood of comment spam I've been receiving.

<< Home


page is powered by Blogger. Isn't yours?

Newer›  ‹Older