[lug] OT: possible future of tcp
jkarns at csd.net
Fri Aug 3 19:24:39 MDT 2001
I just stumbled across this article, which In light of the recent red worm
and sircam virus, this is especially intriguing. For the full text, see
John Karns jkarns at csd.net
And now, we have the impending release of Windows XP, and its problem of
raw TCP/IP socket exposure. As I detailed two weeks ago, XP is the first
home version of Windows to allow complete access to TCP/IP sockets, which
can be exploited by viruses to do all sorts of damage. Windows XP uses
essentially the same TCP/IP software as Windows 2000, except that XP lacks
2000's higher-level security features. In order to be backward compatible
with applications written for Windows 95, 98, and ME, Windows XP allows
any application full access to raw sockets.
I am not making this up. The story came to me from people I have come to
trust, and I have looked into it closely enough to think it might have
some validity. But for the sake of keeping lawyers off my back, let's just
call it a rumor, and only use it as a basis for discussion. To be
perfectly clear, I am not claiming that the following is true -- just that
I have heard it from more than one source, and think it accurately
characterizes some past behaviors of Microsoft. Perhaps by bringing it
into the light, we can ensure that Redmond takes a more thoughtful course.
I certainly hope it is wrong.
Programmers who ought to be familiar with Microsoft's plans have suggested
that the real motive for raw socket support is for Microsoft to use
Windows XP to exploit a bad situation, to deliberately make things worse.
According to these programmers, Microsoft wants to replace TCP/IP with a
proprietary protocol -- a protocol owned by Microsoft -- that it will tout
as being more secure. Actually, the new protocol would likely be TCP/IP
with some of the reserved fields used as pointers to proprietary
extensions, quite similar to Vines IP, if you remember that product from
Banyan Systems. I'll call it TCP/MS.
How do you push for the acceptance of a new protocol? First, make the old
one unworkable by placing millions of exploitable TCP/IP stacks out on the
Net, ready-to-use by any teenage sociopath. When the Net slows or crashes,
the blame would not be assigned to Microsoft. Then ship the new protocol
with every new copy of Windows, and install it with every Windows Update
over the Internet. Zero to 100 million copies could happen in less than a
year, and that year could be prior to the new protocol even being
announced. It could be shipping right now.
Suppose you are a typical firm that also has some non-Microsoft servers.
You will want to use this new protocol between your Microsoft and
non-Microsoft servers. Microsoft could charge Sun millions to put TCP/MS
on their systems. Microsoft can promise open support, but make it
financially impractical. Then use it in a marketing attack against
competitors. Zero-Footprint network drivers, ODBC, and MAPI are examples
of Microsoft "open" standards that took years for non-Microsoft firms to
use. Almost anyone who would have wanted to use these open standards has
been driven out of business.
Second part of the push for the new protocol will be from AOL/Time-Warner,
normally Microsoft's top competitor -- but not on this issue. AOL isn't
really part of the grand vision of the new protocol. It's just that if
they get more of what they want (paid accounts, music and video
royalties), they won't object to Microsoft pushing for secure
Third and most powerful part of the push for Microsoft's new protocol will
be action by Congress. They'll cite concerns of business, and hold up the
standard scare tactics of terrorists and child pornographers. They want
all connections, all packets to be traceable.
Say goodbye to TCP/IP and to anonymous connections of any kind. Hello to
Hailstorm, tracking everything down to the last mile, and a more
business-friendly Internet with prioritized packet-handling.
More information about the LUG