In “Matrix Revolutions,” our hero Neo enters a (simulated) dark and stormy night. He finds himself surrounded by ranks of grim-faced copies of “Agent Smith,” the former intrusion detection avatar whos grown into the ultimate virus. “Welcome back,” Smith snarls, as the rain pours down and his thousands of clones look on. “How do you like what Ive done with the place?”
In point of fact, I dont like whats been done with the place at all. Turning on the PC and heading into cyberspace used to feel like taking a bike ride along the beach. Today, it feels more like suiting up to deal with a hazmat spill. Id no more go up on a DSL connection without my firewall than Id handle radioactive waste without my lead-lined bunny suit.
Objective measures support my sense of being at risk. The SANS Institute, as of last month, estimated that the average brand-new Windows XP machine will enjoy only 20 minutes of happy innocence after making its initial Internet connection—half the time estimated a year ago.
Last November, SANS released Version 1.1 of its helpful “Windows XP: Surviving the First Day” checklist. Page 1 of that 13-page horror story includes the disheartening statement, “To keep this guide short, only critical steps are shown.”
From the vibrations that I pick up from users in real-world settings, people are really starting to wonder when they power up their PCs: Will I get anything useful done today? They know that any number of random events or malicious acts could cost them hours of wasted time. Added security tools arent actually all that helpful, in terms of a satisfying sense of being productive on a PC; dealing with firewall configuration complications is only slightly better than dealing with data loss. Either way, its not what theyre getting paid to do.
I have to remind myself, sometimes, of just how unpleasant most people find the prospect of nursing their PCs during what are supposed to be their working hours.
My wife has lovingly pointed out that as a technology analyst, if I spend all day figuring out exactly how and why something isnt working, Ive at least got something to write about. If I fly down that rain-soaked alley and leave Agent Smith with his sunglasses shattered, I can call that earning my pay.
On the other hand, if my aerospace-engineer wife spends 8 hours at the office merely getting her Sun workstation to shine, shes lost that day and gained nothing useful in return.
Whats to be done? I wonder if the problem is that systems are designed too well to do everything—and are therefore able to do too many things wrong. These days, both enterprise and individual users unpack a new machine with a network connection close at hand—lets turn that into an asset instead of a liability.
We shouldnt deliver systems configured for unrestricted Internet access, then make a whole series of complex security-based exceptions to that rule. Thats the hard way to do things. We should start at the opposite extreme.
A system should come out of the box only able to connect with a single trusted site—provided by either a vendor or an in-house support organization. That initial contact would use preinstalled, fully trusted configuration utilities to perform all software updates. It would offer access to both the free and the premium-priced versions of basic applications, such as browsers and office suites, and handle all needed registrations. It would configure firewall rules based on the applications to be used. It would do this without multiple restarts—which can be done if we design operating systems with that requirement in mind, just as Digital Research did with FlexOS back in the early 1990s.
Im not talking about a Palladium-style security scheme that restricts users options. There should still be an expert mode that does things the way we do them now.
Im proposing a new default, though: to configure system privileges from the bottom up, instead of starting with wide-open systems and frantically battening down their hatches before something bad gets in.
Let Smith hang out in the rain. Im going for a ride.
Technology Editor Peter Coffee can be reached at [email protected].
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.