Linked by Thom Holwerda on Wed 5th Jan 2011 22:09 UTC
Windows And this is part two of the story: Microsoft has just confirmed the next version of Windows NT (referring to it as NT for clarity's sake) will be available for ARM - or more specifically, SoCs from NVIDIA, Qualcomm, and Texas Instruments. Also announced today at CES is Microsoft Office for ARM. Both Windows NT and Microsoft Office were shown running on ARM during a press conference for the fact at CES in Las Vegas.
Thread beginning with comment 456161
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[4]: BC
by lemur2 on Thu 6th Jan 2011 11:58 UTC in reply to "RE[3]: BC"
lemur2
Member since:
2007-02-17

"The essential features for malware are that: (1) the API must be consistent (so that source code can be recompiled),


1) This is also a necessary for 3rd parties to write good software for a platform that can run on multiple version of the same operating system on multiple platforms.

(2) trade secret source code with binary only executables which are routinely distributed and installed by end users.


Which isn't really a problem if people download the closed source executables from a reputable source i.e. the distributor.

If you downloaded a shell script for Unix/Linux without understanding from a random site and not understanding how it worked and just ran it, it would cause havok on your system as well.

Ergo the problem is user education not the fact that it is closed source. Funnily enough as a educated user I have no problems with viruses and malware even though I use both open and closed source applications.

But you will continue to push your anti-window/anti closed source agenda at every opportunity.
"

There is indeed a great deal of closed-source software, which is distributed as binary executables only, which is perfectly good and functional software.

The problem is that almost all malware is also distributed as closed-source binary executables only, and that (being closed source) there is no way that anyone other than the creators of any given piece of such software can tell the difference. No amount of user education will change the fact that no-one (other than the authors of the software) can tell if a given closed-source binary executable does or does not contain new malware.

This fact is only relevant to this topic becasue someone stated that Windows for ARM would initially be free of malware, which is true, but my point is that there is nothing about ARM that would mean that this remains true for long.

It is "made-for-Windows", and "distributed via closed-source binary executables", that characterises 99% of existing malware. x86/x86_64 versus ARM really doesn't come into the picture. Just as Microsoft can fairly readily make a version of MS Office for ARM, so can malware authors also rapidly make an ARM version of their trojan malware in a similar fashion. It merely has to become worth their while.

BTW ... my agenda is merely to point out facts such as these to everybody, so they can make good decisions for themselves regarding which software they choose to run on their hardware. I make absolutely no apology for this agenda.

What exactly is your agenda in trying to disparage mine?

Edited 2011-01-06 12:10 UTC

Reply Parent Score: 2

RE[5]: BC
by lemur2 on Thu 6th Jan 2011 12:34 in reply to "RE[4]: BC"
lemur2 Member since:
2007-02-17

This fact is only relevant to this topic becasue someone stated that Windows for ARM would initially be free of malware, which is true, but my point is that there is nothing about ARM that would mean that this remains true for long.

It is "made-for-Windows", and "distributed via closed-source binary executables", that characterises 99% of existing malware. x86/x86_64 versus ARM really doesn't come into the picture. Just as Microsoft can fairly readily make a version of MS Office for ARM, so can malware authors also rapidly make an ARM version of their trojan malware in a similar fashion. It merely has to become worth their while.


Actually, it occurs to me that if Windows on ARM does gain appreciable market share, such that it does become worthwhile for malware authors to port their Windows malware (which is almost all malware) to ARM, then existing virus databases will be useless. Any re-compiled-for-ARM malware will have a different binary "signature" than the x86/x86_64 malware does.

This will open up the beginning of a "golden age" for Windows-for-ARM malware, until some lengthy time later when the antivirus and anti-malware scanner authors can build up a similar signature databse for the new for-Windows-for-ARM malware binaries.

Edited 2011-01-06 12:39 UTC

Reply Parent Score: 1

RE[5]: BC
by Neolander on Thu 6th Jan 2011 13:24 in reply to "RE[4]: BC"
Neolander Member since:
2010-03-08

The problem is that almost all malware is also distributed as closed-source binary executables only, and that (being closed source) there is no way that anyone other than the creators of any given piece of such software can tell the difference. No amount of user education will change the fact that no-one (other than the authors of the software) can tell if a given closed-source binary executable does or does not contain new malware.

At least a part of malware can be blocked without knowing how a program works internally, by using a capability-based security model. If the binary blob is sandboxed, it can only do the amount of harm it has been allowed to do.

Most desktop applications, as an example, don't need full access to the user's home folder. Really, they don't. Most of the time, they use this access to open either private config files, or user-designated files. Thus, if we only allow desktop apps to access their config files and user-designated files, we just got rid of that part of malware which used this universal access to the user's home folder for privacy violation or silently deleting and corrupting files without the user knowing.

It's exactly the same tactic as preventing forkbombing by not allowing a process to fork an infinite amount of times by default. Seriously, what kind of non-system software would require that with honest intents ?

This doesn't block the "please enter your facebook password in the form below" kind of malware, though... But at least, the user is conscious of what he's doing now. Only then may user education work.

Edited 2011-01-06 13:32 UTC

Reply Parent Score: 1

RE[5]: BC
by lucas_maximus on Thu 6th Jan 2011 15:10 in reply to "RE[4]: BC"
lucas_maximus Member since:
2009-08-18

The problem is that almost all malware is also distributed as closed-source binary executables only, and that (being closed source) there is no way that anyone other than the creators of any given piece of such software can tell the difference. No amount of user education will change the fact that no-one (other than the authors of the software) can tell if a given closed-source binary executable does or does not contain new malware.


And that is why you get the software from the original author, and guess what ... if you educate someone to always get the software from the original author ... mmmmm.

Furthermore if someone is so uneducated as to how to to avoid threats how will it being open source help ??? A malware author can just offer an "alternative download source" and stick a key logger in there for example ... having the source won't help because the uneducated simply won't know any different.

Also you obviously haven't heard of a checksum then? They use this on Unix/Linux Binary packages as well and also can be used on any file to validate it's integrity.

For example I remember Windows XP service pack 1 having a checksum key on in the installer properties ... if this didn't match what Microsoft had you had a duff/dodgy download.

BTW ... my agenda is merely to point out facts such as these to everybody, so they can make good decisions for themselves regarding which software they choose to run on their hardware. I make absolutely no apology for this agenda.


The thing is you "facts" aren't facts. They are opinions from someone that IMO doesn't really have any practical experience of developing or deploying software.

Unless you work directly in the software industry as a developer or a manager for a development team you simply don't understand the landscape and the issues that developers face.

Also you are biased in thinking that open sourcing everything is a cure to all software problems. This IMO couldn't be further from the truth.

What exactly is your agenda in trying to disparage mine?


Because I think you are biased and do not presents the facts fairly.

Reply Parent Score: 2

RE[6]: BC
by lemur2 on Fri 7th Jan 2011 01:18 in reply to "RE[5]: BC"
lemur2 Member since:
2007-02-17

"The problem is that almost all malware is also distributed as closed-source binary executables only, and that (being closed source) there is no way that anyone other than the creators of any given piece of such software can tell the difference. No amount of user education will change the fact that no-one (other than the authors of the software) can tell if a given closed-source binary executable does or does not contain new malware.


And that is why you get the software from the original author, and guess what ... if you educate someone to always get the software from the original author ... mmmmm.
"

The point is that if the original author is a malware author, then even going to the trouble of getting software directly from the original author won't prevent it from containing malware.

Furthermore if someone is so uneducated as to how to to avoid threats how will it being open source help ???


It is a matter of adopting a self-imposed policy. Linux distributions all maintan repositories of source code, and parallel repositories of binary executables compiled from that source code. Anyone at all can download the source code and verify that compiling it produces the corresponding binary executable. This means that people who did not write the code can nevertheless see what it is in the code, they can compile it for themselves to verify the integrity, and they are users of that code on their systems.

Any user adopting a elf-imposed policy of only installing software directly from such repositories is guaranteed to never get a malware infection on his/her system. There is a very long history of vast amounts of open source software delivered via this means which proves this claim.

A malware author can just offer an "alternative download source" and stick a key logger in there for example ... having the source won't help because the uneducated simply won't know any different.


Yes, it will make a difference. Every single user doesn't need to know how source code works, just one user needs to download the source code and discover the keylogger within it, and "blow the whistle" on that code. It can then be added to a blacklist for all users. It only takes one person to spot the malware, out of millions of users.

Also you obviously haven't heard of a checksum then? They use this on Unix/Linux Binary packages as well and also can be used on any file to validate it's integrity.


Certainly. If you use a checksum to verify that you have downloaded a closed source binary package (even directly from the original author) correctly, and the original author did deliberately include malware within that software, then all you have managed to do is confirm that you have a correct copy of the malware-containing package.

For example I remember Windows XP service pack 1 having a checksum key on in the installer properties ... if this didn't match what Microsoft had you had a duff/dodgy download.


Fine. I don't claim that this is not the case, and I do acknowledge that there is a great deal of perfectly legitimate closed-source non-malware software out there for Windows. Windows XP service pack 1 would be one such piece of software, no argument from me. So?

"BTW ... my agenda is merely to point out facts such as these to everybody, so they can make good decisions for themselves regarding which software they choose to run on their hardware. I make absolutely no apology for this agenda.


The thing is you "facts" aren't facts.
"

Oh yes they are. Each and every one of the claims I have made in this discussion is a verifiable fact.

They are opinions from someone that IMO doesn't really have any practical experience of developing or deploying software.


I am a project engineer by profession, leading projects which develop and deploy bespoke software. I have many years of experience. We supply source code to our customers.

Unless you work directly in the software industry as a developer or a manager for a development team you simply don't understand the landscape and the issues that developers face.


OK, so? I do happen to have many years of engineering experience at leading development teams.

Also you are biased in thinking that open sourcing everything is a cure to all software problems. This IMO couldn't be further from the truth.


You are of course as entitled to your opinion as I am to mine.

BTW, I have made no claim that "open sourcing everything is a cure to all software problems". That is your strawman argument. My claim here is only that users who stick to a self-imposed policy of only installing open source software will be guaranteed that their system never is compromised by malware. If you are going to argue against what I am saying, then this is what you must argue against. Friendly advice ... don't make up something I did not say, and argue against that ... doing that will get you nowhere.

"What exactly is your agenda in trying to disparage mine?


Because I think you are biased and do not presents the facts fairly.
"

And I think you are even more biased, you have no idea how to assess technical matters, and you simply do not heed what experienced people are telling you. How does this help the actual discussion?

Edited 2011-01-07 01:34 UTC

Reply Parent Score: 2