DoS and XP
One man’s campaign to improve Windows security.
7/3 ReleVents
By James Mathewson

I’ve been blessed over the past two months to get every e-mail notice from Steve Gibson, editor of the Gibson Research Corp. site, about his ongoing efforts to keep his site alive in the face of near-continuous denial-of-service (DoS) attacks. Already an expert on home computer security, Gibson has become something of an expert on DoS simply because he has spent most of his time in the last two months fighting these hackers. His site is now required reading for anyone who wants to fend off DoS attacks.

Since his eyes were opened about the power of this type of attack, he has become deeply disturbed by some of the features of Windows XP, soon to be released by Microsoft. As a news story on our site today describes, he has tried to convince Microsoft to drop its support of raw sockets in Windows XP. In the course of his discovery, including a conference call with several XP developers, Gibson discovered a mixture of naïveté and denial. According to Gibson, raw sockets will make it easier for hackers to turn Windows XP systems into zombies that can then be launched in a distributed way to create a denial-of-service attack.

Microsoft and several of its partner analysts claim that this likelihood is not that great. One such analyst, Rob Rosenberger, editor of, indicated in the story that it would not be a problem for either “Joe Six-Pack and his 56k (kilobits per second) modem” or “your average Fortune 500 company”. While his statement is true, it demonstrates Gibson’s point about naïveté better than Gibson himself could.

Yes, 56k users’ computers cannot be used as zombies because a zombie must be continuously connected to the Internet. And yes, the average Fortune 500 company’s computers cannot be used as zombies because they are protected by a corporate firewall and other security measures. But the average home user with DSL or cable service and Windows XP is both always on and not protected by a firewall. Together, these computers can become a deadly force for use in DoS attacks.

Given Microsoft’s patch-a-day security on Windows NT and Windows 2000, it is beyond comprehension that it would refuse to beef up security on its consumer OS. Unless its developers remove raw sockets, I would think twice about buying Windows XP for the home, based on Gibson’s research.

