A Network Administrator Responds to Winn Schwartau’s ‘Mad as Hell’ Declaration

July 20th, 2005 at 3:00 PM - News by Brad Cook

When computer security expert Winn Schwartau declared he was "mad as hell" and switching his company to Macs, many in the IT sector sat up and took notice. One of those people was Rich Rumble, a security administrator and network engineer for a large dot-com with over 3,000 employees worldwide and more than 700 servers in use.

In an interview with The Mac Observer conducted by e-mail, Mr. Rumble, who has little experience with Macs, said: "I think Winn has his finger on the pulse with most of these topics. Keep it simple, stupid (KISS) is a mantra recited over and over in the security field, especially in IT. I also think that Windows would be better off streamlining the kernel and cutting out the bloat with respect to the tasks you ask it to do, and the amount of code required to do them."

Unfortunately, he doesnit see Microsoftis upcoming OS upgrade, which is code-named Longhorn and will ship late in 2006 or early in 2007, changing that situation. "Thatis to be expected," he explained, "as they need to have interoperability with past Microsoft products, so it stands to reason that they will simply build off the predecessors. Reinventing the wheel would cost much more in every respect.

"Would a inew wheeli from Microsoft solve its problems?" Mr. Rumble asked. "Only if they did it right, whatever that may be. I do feel you can secure a Microsoft OS, without a doubt, but secure out of the box is still a ways off for them. It still astounds me that it took them 10+ years to add a firewall to the OS itself by default."

In addition to the lack of a firewall turned on by default for all Windows users, save those who have XP Service Pack 2 installed, Mr. Rumble cites several other problems with the OS, including: "Inherently insecure applications, such as ActiveX controls and Internet Explorer security settings and scripting set to a very low level by default. Antiquated authentication protocols: Microsoft is still using LanManager Hashes by default to authenticate connections to shares, Web sites and outside of AD domain credentials.

"Administrator by default," he added. "When you set up Windows, your account is placed in the administrators group by default, with no warning of the implications and/or security risks that having such an elevated privilege may have."

Pitfalls For the Average User

Mr. Rumble feels that corporate environments are now better equipped to secure their Windows usersi machines, but "the home user may not know what security risks theyire faced with. Windows, and third party vendors in my opinion, seem to apply band-aids on a cancer, rather than attack and remedy the issues at their root. Windows can be implemented and used securely, but that requires a level of knowledge that the average user may never have at his disposal, or level of comfort."

Among the security measures he thinks home users should implement are a firewall (assuming they donit have the latest version of Windows XP), anti-virus software and automatic downloading and installation of Windows patches. In addition, they should turn off system restore because anti-virus software canit clean its folder -- thus causing viruses to reappear upon reboot -- and they should turn off ActiveX controls and scripting, if possible. He also recommends using another Web browser, such as Firefox, and turning to Internet Explorer only when a Web page requires ActiveX.

He puts some responsibility on Microsoft, too, noting that the company "can educate users about the risks better and build off their MBSA products to walk users through some of the most critical security settings, such as the firewall and scripting level."

Overall, heis happy with the reliability of Windows, and, even though he estimates he uses Linux 80% of the time at work, he prefers that OS for most tasks. However, he said: "I feel Linux is going to catch up fast in the next few years, if they can keep improving the UI [user interface] and interoperability like they have so far. If the OS remains free, and if it can improve to the point that the average user will have little problem getting around and using the OS, Microsoft will suffer the most. Microsoft should find a way to KISS, and they would be able to benefit."

As for the vaunted "halo effect" caused by the iPod, Mr. Rumble believes "itis real, and has been for a long time. Iim sure it will get people into the Apple stores, or make them curious enough about Apple to try their other products."

As an analogy, he offers up an experience buying a car: "My brother bought a used Honda the same year I bought a new Ford. The Honda was four years older and had high mileage, but he only had to do regular maintenance to it, while I was replacing alternators and spark plugs and getting new header seals. I know my way around a car, so I wasnit snowed into those repairs; they were needed. Now the whole family is Honda owners, and we donit look back."