Skip to main content
The Sum of All Our Fears

Over dinner at the eCrime Congress I found myself sitting next to the CTO of Microsoft’s Security Business Unit, Dave Aucsmith, who isn’t your usual kind of industry character. We had started talking about flying and that’s when I realised that the novelist, Tom Clancy, may have loosely based his character of Jack Ryan on Aucsmith, who, as a former US Navy intelligence officer can count active service in carrier-borne F14 Tomcat fighters, followed by a stint in submarines, in addition to being the CTO for Intel prior to being lured to Microsoft.

Aucsmith believes that we may have seen the end of the RPC/DCOM style exploits against the Microsoft platform that peaked last year, now that the critical gaps in the Windows code have been patched. However, he points out, that the time between a patch being made available to the public and the first exploit appearing has now decreased to a level which makes patching no defence in larger organisations. In fact, it now takes an average of nine days for a patch to be reverse engineered by hackers to expose the vulnerability it protects against. “Blaster”, says Aucsmith, “Demonstrated the complex interplay between security researchers, software companies and hackers who now hack together worms with posted exploit code and worm toolkits”, a worrying new phenomenon regardless of which flavour of Operating System you might favour.

In defense of the progress being made under the company’s Trustworthy Computing initiative, Aucsmith points out that the security kernel of Windows NT was written before there was a World Wide Web and before TCP/IP was the default communications protocol. Even when one examines the progress made in Windows Server 2003, with its much reduced attack surface, he conceded that its own security kernel was written before buffer overflow tool kits that led to last summer’s damage were available and before Web Services were widely deployed, a fact which only illustrates the nature of the fast-moving target that Microsoft and indeed, any other software vendor has to second guess. If the speed of development and demand for counter measures isn’t bad enough, he points to the problem of highly popular enterprise software products – with off the record examples – that sit on top of the Windows platform but offer poor or very limited security features which only add to the risks of a downstream compromise for which Microsoft is frequently blamed.

So what comes next in the war on Windows? If you look at the history of exploits says Aucsmith, we’ve had attacks against the network protocols, we’ve had DNS spoofing and fractured packets, the “Ping of death”, attacks against Operating System Services and most recently various buffer overruns, Web spoofs and worms. Hopefully, on properly patched systems, those doors are now closed, although the problem of millions of unpatched legacy systems still remains in a growing Broadband environment. What may come next could be attacks against Application Services or even SQL injection but Aucsmith now sees the emphasis moving increasingly towards the theft of information, social engineering and backdoor Trojan control of personal computers, a new phenomenon that demands a concerted international response to the emergence of cyber crime.

What we do know, is that while the larger holes in the Microsoft Operating System have now been patched, the information security battle, like a fast moving Tom Clancy novel, has now moved to a different dimension where the defense of the Windows environment is only part of a much greater tactical problem for the defenders of cyberspace.


Popular posts from this blog

Mainframe to Mobile

Not one of us has a clue what the world will look like in five years’ time, yet we are all preparing for that future – As  computing power has become embedded in everything from our cars and our telephones to our financial markets, technological complexity has eclipsed our ability to comprehend it’s bigger picture impact on the shape of tomorrow.

Our intuition has been formed by a set of experiences and ideas about how things worked during a time when changes were incremental and somewhat predictable. In March 1953. there were only 53 kilobytes of high-speed RAM on the entire planet.

Today, more than 80 per cent of the value of FTSE 500* firms is ‘now dark matter’: the intangible secret recipe of success; the physical stuff companies own and their wages bill accounts for less than 20 per cent: a reversal of the pattern that once prevailed in the 1970s. Very soon, Everything at scale in this world will be managed by algorithms and data and there’s a need for effective platforms for ma…

An Ockham of Gatwick

The 13th century theologian and philosopher, William of Ockham, who once lived in his small Surrey village, not so very far from what is today, the wide concrete expanse of Gatwick airport is a frequently referenced source of intellectual reason. His contribution to modern culture was Ockham’s Razor, which cautions us when problem solving, that “The explanation requiring the fewest assumptions is most likely to be correct;” sound advice which constantly proves to be true.

A week further-on since Britain’s second busiest airport was bought to a complete standstill by two or perhaps two hundred different drone sightings, it is perhaps time to revisit William of Ockham’s maxim, rather than be led astray by an increasingly bizarre narrative, one which has led Surrey police up several blind alleys with little or nothing in the way of measurable results.

 Exploring the possibilities with a little help in reasoning from our medieval friar, we appear to have a choice of two different account…
A Christmas Tale

It’s pitch blackness in places along the sea wall this evening and I'm momentarily startled by a small dog with orange flashing yuletide antlers along the way. I’m the only person crazy enough to be running and I know the route well enough to negotiate it in the dark, part of my Christmas exercise regime and a good way of relieving stress.

Why stress you might ask. After all, it is Christmas Day.

True but I’ve just spent over two hours assembling the giant Playmobil ‘Pony Farm’ set when most other fathers should be asleep in front of the television.

I was warned that the Playmobil ‘Pirate Ship’ had driven some fathers to drink or suicide and now I understand why. If your eyesight isn’t perfect or if you’ve had a few drinks with your Christmas lunch then it’s a challenge best left until Boxing day but not an option if you happen to have a nine year old daughter who wants it ready to take horses by tea time.

Perhaps I should stick to technology but then, the instruc…