Microsoft IT

The Microsoft Protection Racket 539

bonch writes "Dvorak writes about the 'Microsoft protection racket' in his latest column--'charging real money for any sort of add-on, service, or new product that protects clients against flaws in its own operating system.' Dvorak argues that someone took a look at the expense of Microsoft's monthly 'Patch Tuesday' and decided to find a way to make money from it instead of fix the code (e.g., abandoning the use of the registry)." I enjoy salt with my Dvorak, but that's just me.

  • Frank Nitti (Score:3, Informative)

    by jkind ( 922585 ) on Friday October 14, 2005 @01:40PM (#13791972) Homepage
    In case you aren't ready when Dvorak makes Al Capone related references: http://en.wikipedia.org/wiki/Frank_Nitti [wikipedia.org]
  • Pfft. (Score:5, Informative)

    by JanusFury ( 452699 ) <kevin.gadd@gmail.COBOLcom minus language> on Friday October 14, 2005 @01:42PM (#13791994) Homepage Journal
    Anyone who suggests 'abandoning the use of the registry' has obviously never written Windows software. What do you suggest we replace it with, INI files? What do you suppose we do about the thousands of existing applications that use the registry? How do you suggest we support access controls for individual settings and keys - make a single INI file for each one?

    Changes like 'get rid of the registry' are changes you make when you release a new OS, not when you release a service pack. OS X, for example, uses flatfiles to store most (if not all) preferences, but that's something they designed in from the start.

    It's pretty annoying how people always suggest blatantly stupid 'solutions' to problems instead of focusing on real fixes like better design and better testing...
  • by kernelpanicked ( 882802 ) on Friday October 14, 2005 @01:52PM (#13792081)
    Maybe because GConf is only a tool to flip switches in human readable xml files..not a registry.
  • Clueless Moron (Score:3, Informative)

    by bigtallmofo ( 695287 ) on Friday October 14, 2005 @01:57PM (#13792140)
    I forgot to turn off my CUTEftp client and left it running all night. In the morning some system had loaded some weird software called "active skin," and I had to use SpySubtract to remove 26 Registry entries...how anything manages to worm in through the open port and place items in the Registry is beyond me, but it happens all the time.

    Amazing how he jumps to the conclusion that because something told him he had spyware on his system, he assumes it's because he left an FTP client in memory overnight. Interesting theory.

    Because FTP clients typically aren't exploitable "through an open port", you dingleberry, let me propose an alternate theory: You're a clueless moron that doesn't understand the most basic of security concepts.
  • by tehshen ( 794722 ) <tehshen@gmail.com> on Friday October 14, 2005 @02:03PM (#13792208)
    The Registry is a large, undocumented, binary file readable only by itself; GConf is a program to edit human-readable XML files.

    I am not so keen on either, but GConf is still the better option.
  • Re:Argh (Score:3, Informative)

    by Frankie70 ( 803801 ) on Friday October 14, 2005 @02:06PM (#13792229)

    He has actually gone out and complained in a column about the System Idle Process taking up 98% of cpu on his Windows machine and making the box thrash.


    This is the said article.

    http://www.pcmag.com/article2/0,1759,1304348,00.asp [pcmag.com]
  • Re:Pfft. (Score:5, Informative)

    by jsight ( 8987 ) on Friday October 14, 2005 @02:07PM (#13792238) Homepage

    And what is wrong with an individual INI file per app and/or per user? I mean, *nix has been using that for a long time, and it sure makes down-and-dirty administration ten times easier.


    Unless, of course, you are a Gnome user, in which case you get GConf. What is GConf? Well, it's a nice implementation of a registry. :)
  • by QuestorTapes ( 663783 ) on Friday October 14, 2005 @02:09PM (#13792260)
    >> Anyone who suggests 'abandoning the use of the registry'
    >> has obviously never written Windows software. What do
    >> you suggest we replace it with, INI files?

    > Or property lists, yes.

    Well, INI files don't scale well; not because they are flat text files, but because the way a hierarchy is modelled in an INI file is inefficient and error prone. Something in the nature of a property list would be quite reasonable.

    It is also worth noting that since DotNet, lots of data that used to be in the Registry is now in XML files in the application folder. That's a big part of the XCOPY install feature MS brags about for DotNet.

    >> What do you suppose we do about the thousands of existing
    >> applications that use the registry?

    > Wrappers for the INI/PLIST files that behave like the old
    > registry calls.

    Perfectly doable.

    >> How do you suggest we support access controls for individual
    >> settings and keys - make a single INI file for each one?

    > Why not?

    Well, it isn't strictly necessary to use the Registry to support access controls on keys and settings. As long as the file itself only allows administrator access, the APIs that model the current Registry APIs can implement key and value level security within the file. This would make the files read-only in a text editor for common users; however a simple editor could be created that allows the appropriate access to the individual keys via the APIs.

    But INI files aren't appropriately structured for that; XML files would be better, or any number of less-verbose-than-XML text formats.

    > OS X does this like a dream, I can take my Library folder with me
    > and wham, everything is the way I like it on a new machine. I'm
    > sure it would be possible to do something similar on Windows,
    > provided I paid $50 for some crappy shareware product.

    Well, it wouldn't be a crappy $50 shareware product to virtualize the Registry. Since the APIs are inside ADVAPI32.DLL, and are used during the boot process, it would be a kernel hack; generally more expensive when done third-party. MS could do it safely; third parties would need to worry about MS breaking the hack with an OS update.
  • by Anonymous Coward on Friday October 14, 2005 @02:12PM (#13792289)
    The last time I took Dvorak seriously was in the late 80's. Once I got a clue, I realized he didn't have one and I started ignoring him. He isn't news, nor is he stuff that matters. He's just a lump of clay that one day will turn into worm food, like the rest of us, but unlike the rest of us, he can safely be ignored.

    Word of the post: benign
  • Re:Pfft. (Score:3, Informative)

    by DoofusOfDeath ( 636671 ) on Friday October 14, 2005 @02:16PM (#13792322)
    I think the registry's origin was related to, or motivated by, the introduction of OLE (now ActiveX) controls.

    Theoretically, when you register an OLE / ActiveX control, any application in the system should be able to use it. I believe registering the control tells Windows what the mapping is between a short identifier (GUID) for the control, and the DLL that contains its code. When an application wants to use an OLE/ActiveX control, it supplies the GUID to the Win32 API, and Windows then consults the registry to hunt down the corresponding DLL.

    I could be wrong, but I think applications' use of the Registry may have come after that.
  • by lgw ( 121541 ) on Friday October 14, 2005 @02:37PM (#13792520) Journal
    How does a program run without you having any knowledge that it was started? The registry makes this easy, as there are many places for malware to hide. The argument is outdated, however, as there are good tools to find what's hiding in the 6 or 7 places in the registry that specify programs to start automatically, and malware is moving into kernel space.
  • by tsotha ( 720379 ) on Friday October 14, 2005 @02:46PM (#13792589)
    My take on Windows is it would be a hell of a lot more secure if programmers didn't force me to install everything as Administrator. I once tried to use non-administrator accounts at home and finally gave up in disgust. Every third-party piece of software required administrator access to install (which is fine) and could only be run successfully by the installing user (which is not), because pretty much Microsoft was the only company to follow best practices. Now I use the admin account for everything but web-surfing.

    I could understand it if those best practices were really complicated or undocumented, but they're not. Programmers are just lazy.

  • by YU Nicks NE Way ( 129084 ) on Friday October 14, 2005 @02:52PM (#13792646)
    He claims to be qualified to blame Microsoft for security holes in its products, doesn't he? It's clear that he was slammed by a security hole in a third-party application he was running on his system as an Administrator. (Not to mention, a third party application with a history of known defects...)

    He has no business complaining about Microsoft's "protection racket" if he honestly doesn't understand that his recent issue has jack-squat to do with Microsoft.
  • Re:Pfft. (Score:4, Informative)

    by omibus ( 116064 ) on Friday October 14, 2005 @02:52PM (#13792647) Homepage Journal
    I agree, we can't just do away with the blasted thing, but...

    Even Microsoft is telling people not to use it anymore to store app settings. They actually do recommend using ini or xml files for that. Case in point, the default place to store app settings in ASP.NET and WinForms is in an xml file (either web.config or app.config).

    Now, completely doing away with the registry? Impossible. There are too many things that the registry does for Windows that the blowhards on this list don't even know about. All of .NET and ActiveX run thru the thing at one level or another.

    And as much as the people of slashdot hate ActiveX (and its big brother .NET), that is what makes writing apps on windows do-able, and a lot more fun than Linux.

    That's right, because of the registry, stuff just works. We have installs that just work. We have programs that can talk to each other, and it just works. Linux, not so much.
  • Explorer Freeze (Score:1, Informative)

    by Anonymous Coward on Friday October 14, 2005 @02:58PM (#13792694)
    To be fair, he was complaining about an explorer hang (he only bitched that the system was pretending to be idling).

    That's quite common in some situations, and Russinovich dissects one quite nicely in his blog:
    http://www.sysinternals.com/blog/2005/08/case-of-intermittent-and-annoying.html [sysinternals.com]
  • Re:Pfft. (Score:4, Informative)

    by ettlz ( 639203 ) on Friday October 14, 2005 @03:13PM (#13792807) Journal

    Yes, but:

    1. it's done in XML and can be hand-edited;
    2. it's stored in a directory hierarchy in the filesystem so it's more robust; and
    3. you can nuke it and not FUBAR the system.
  • by Animats ( 122034 ) on Friday October 14, 2005 @03:23PM (#13792900) Homepage
    Unfortunately, some versions of CuteFTP contain the Aureate adware client [sdnpk.org]. Aureate is an entry point for attacks. [grc.com] "It is able to secretly download and cause Windows to execute any arbitrary program into the unsuspecting user's computer". ... ""phones home" every single time you use your web browser" ... "can, at their whim, accept and download any file into your system named "update-dll.exe" and then arrange for Windows to run this unknown program" ... "is trivial to "redirect" so that instead of phoning home to one of Aureate's servers, it connects to any other arbitrary server on the Internet." ... "They will always be responsible for sneaking 22 million copies of buggy and frightfully insecure spyware into the world's Windows PCs."

    Later versions of CuteFTP supposedly don't contain Aureate. Supposedly. You may or may not believe them. Better to not use CuteFTP, any other Globalscape product, any Aureate/Radiate product, or any product that ever contained Aureate. Here's an old list of programs known to contain Aureate. [accs-net.com]

    Aureate changed its name to Radiate. In 2001, they settled a class action [clickz.com] over privacy issues.

    Radiate tried again with "Go!Zilla". Some versions of Go!Zilla have adware and/or spyware. The current makers of GoZilla claim "The current Go!Zilla software contains no advertising. There are several older, out-of-date versions of Go!Zilla which contain advertising from 3rd parties." But then they say "Go!Zilla will make certain partner software programs available to you during the Go!Zilla trial version's installation. These products are not necessary to the function of Go!Zilla, and you may decide if wish to install them. Make sure you read the installation prompts carefully to insure you get the best installation for you. Each partner program has its own privacy policy, and Go!Zilla is careful to screen partners for product quality and responsible privacy policies."

    Or, in other words, "we're going to load up your machine with adware if you're not very, very careful during the install."

    Aureate/Radiate appears to be defunct. Unclear whether they went bankrupt, were acquired, or are on the lam.

    AdAware can be helpful if your system is infected with Aureate/Radiate, although it may not find attacks downloaded via the security holes.

    For more details about Aureate, Radiate, and CuteFTP, click here (long .pdf). [unwantedlinks.com]

  • by LionMage ( 318500 ) on Friday October 14, 2005 @03:57PM (#13793209) Homepage
    If you read any official Microsoft documentation regarding the administrator account, they recommend that users do not log on to a workstation with the administrator account as their regular user account.

    If that's the case, why does Windows XP Home Edition default to making the user's primary account an administrative account -- one which requires no password unless you tell it explicitly to require one?

    In many corporate IT organizations, it's become commonplace to grant administrative privileges to a user for their local machine; they still can't use those privileges network-wide, but it gives them enough ammo to shoot themselves in the foot. It's just more practical (in the eyes of IT staffers, anyway, if not in reality) to do that, rather than have an administrative account and password that's global which everyone knows. This has the added advantage of creating an audit trail so that when a user installs some unauthorized software on a workstation, it becomes pretty easy to tell who installed it.

    Logging in with an unprivileged account and then running binaries piecemeal with administrative privileges sounds great in theory, until you have to run some ill-behaved software that assumes you're already logged in as an administrator. (This happens a lot at my workplace, but I can't really elaborate more than that.) The inconvenience and impracticality really has an effect on productivity.

    I'm not saying that your suggestion (using "Run As...") won't work... just that in the real world, most people would chafe if they were forced to work like that. That, plus the ill-behaved 3rd party software issue I mentioned, really makes it not a very good practical idea.
  • Re:Pfft. (Score:3, Informative)

    by Midnight Thunder ( 17205 ) on Friday October 14, 2005 @03:58PM (#13793224) Homepage Journal
    Actually, abandoning the registry is one thing I would like to see. My main reason being applications' over-dependency on it and that if you reinstall the system you are left reinstalling every program that assumed that a given entry would be there. Good programs will still work even if you drag them to another computer, where the installation program was not run. Visio and TextEdit are two programs that I found worked well after reinstalling the system. Microsoft Office was one program that did not.

    If you ever used OS/2, then you will know some of the dangers of having a rapidly changing central directory.

    From having used MacOS X I got to like the way it handled storing configuration settings. Here the system-wide settings are stored in the form of XML files, in /Library/Preferences and the user preferences in ~/Library/Preferences. The file names use a reverse domain name style naming, so for example the Mail program from Apple has its settings saved in a file called com.apple.Safari.plist (plist being the xml file format). I moved my account from one computer to another and nothing broke. I even reinstalled the system and still there was no installer I had to run for the other applications.
  • Re:Pfft. (Score:3, Informative)

    by InfiniteWisdom ( 530090 ) on Friday October 14, 2005 @04:01PM (#13793254) Homepage
    0. Entries have a "short description" and "long description" attached to them that tell you what each setting does, what the valid values are and so on instead of just being some magical value.
  • by sconeu ( 64226 ) on Friday October 14, 2005 @04:30PM (#13793555) Homepage Journal
    The problem with "Run As..." is that it still requires you to give out the Admin (root) password. There is no equivalent to su/sudo/setuid programs, where you can give out privileges on a per-program basis.

    Would you give out the root password to your users?
  • by Carcass666 ( 539381 ) on Friday October 14, 2005 @04:50PM (#13793745)
    Why the registry is Good:

    1. As of W2K, you can assign permissions (granted, useless if everybody runs as admin)
    2. Program settings under HKCU follow users around (when implemented properly, this works very well)
    3. Easy to read/write from

    The pains of the registry often have not much to do with the registry itself:

    1. Silly things like HKCU\Software\Microsoft\Windows\CurrentVersion\Run (where a lot of spyware hooks itself) shouldn't even exist because it refers to machine-specific files (not user specific)

    2. IE's poorly-implemented ActiveX plug-in architecture is not a registry problem, it is an application design problem (if IE used a flat config file to store the ActiveX info, it would still be just as bad)

    3. Microsoft Office stores its configuration data as binary blobs instead of typed data - laziness that causes unnecessary cross-version compatibility issues

    If Microsoft would simply disable the Run key in HKCU, set up an Execute flag (like *nix) and make it default to run as non-admin (which it does in Vista, AFAIK), it would be quite a bit more secure than it is. At any rate, though, none of these things has much to do with the registry. If startup programs were stored in a file somewhere, it would be well-known quickly enough, and we would have just as many problems. Security through obfuscation doesn't work, we all know that.
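
The autostart locations that lgw and Carcass666 describe above can be reviewed offline from a regedit export. This is an added example, not code from any commenter: it parses a constructed `.reg` export and lists startup entries that sit in the per-user hive or point into user-writable directories. The key list is a well-known subset, and the flagging rules and sample names are assumptions.

```python
import re

# Subset of autostart keys. None = every value runs; a set = only those names.
AUTOSTART_KEYS = {
    r"software\microsoft\windows\currentversion\run": None,
    r"software\microsoft\windows\currentversion\runonce": None,
    r"software\microsoft\windows nt\currentversion\winlogon": {"shell", "userinit"},
}
# Assumption: locations a non-admin user can normally write to.
USER_WRITABLE = ("\\temp\\", "\\local settings\\", "\\application data\\",
                 "\\appdata\\", "%temp%", "%appdata%")
VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$')

def unescape(s):
    return re.sub(r"\\(.)", r"\1", s)  # \\ -> \ and \" -> "

def decode_data(raw):
    """Return the string for REG_SZ / REG_EXPAND_SZ data, None for other types."""
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return unescape(raw[1:-1])
    if raw.startswith("hex(2):"):  # REG_EXPAND_SZ exported as UTF-16LE bytes
        return bytes.fromhex(raw[7:].replace(",", "")).decode("utf-16-le").rstrip("\0")
    return None

def parse_reg(text):
    """Yield (key, value_name, data) for string values in regedit export text."""
    text = re.sub(r"\\\r?\n\s*", "", text)  # join wrapped hex(2) lines
    key = None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := VALUE_RE.match(line)):
            if (data := decode_data(m.group(2))) is not None:
                yield key, unescape(m.group(1) or ""), data

def audit(text):
    """Yield (key, name, command, reasons) for autostart entries worth review."""
    for key, name, cmd in parse_reg(text):
        hive, _, sub = key.partition("\\")
        names = AUTOSTART_KEYS.get(sub.lower(), False)
        if names is False or (names and name.lower() not in names):
            continue  # not an autostart key, or not a value that launches anything
        checks = ((hive.upper() == "HKEY_CURRENT_USER", "set without admin rights"),
                  (any(d in cmd.lower() for d in USER_WRITABLE), "user-writable path"))
        reasons = [why for hit, why in checks if hit]
        if reasons:
            yield key, name, cmd, reasons

# Constructed sample export (condensed; names and paths are made up).
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"helper"="\"C:\\Documents and Settings\\alice\\Local Settings\\Temp\\helper.exe\" /s"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe"
"DefaultUserName"="alice"
'''
print(*audit(SAMPLE), sep="\n")
```

Entries flagged only as "set without admin rights" are candidates for review rather than findings; legitimate per-user startup items land there too.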
  • by Anonymous Coward on Friday October 14, 2005 @05:27PM (#13794049)
    You apparently are not familiar with Dvorak or his writing. He is definitely NOT a linux zealot and he always writes like that. I've been reading his articles for 15 years and he almost always makes me laugh at least once per article. This one was no exception.

    Nope. He's not a troll or a zealot. He's just another pissed off user who's not afraid to tell the hard truth.
