Breaking That Other OS

Yet another means of exploiting that other OS has been demonstrated by Sophos. An ordinary user can gain complete control of the system whether it is XP, Vista, “7” etc. simply by running some code that tweaks a key in the registry. A workaround is to create a new key to block users from changing keys in the registry… Duh… How’s that for backwards compatibility?

This is another demonstration that M$ has created a monster running on nearly every PC on the planet that invites compromise. Now, hundreds of millions of users will have to do some dance with updates or tweak the registry themselves to do something that M$ neglected to do many years ago. In those days M$ had no concept of security. Later they duplicated such flaws to maintain backwards compatibility to ease migration to the next version and to keep the licensing revenue flowing. Now a large part of IT is vulnerable. Watch the video below:

I am in the process of re-installing the OS for a teacher’s personal PC. The machine had XP SP1 on it after installing from the OEM’s 8 CD set. The process involves adding updates to software and these tweak the registry adding layers of bloat to bring the system up to snuff. Because of the registry the system needs to be frequently rebooted and one cannot just install the latest version but has to go through many steps taking many hours. After 18 hours the machine is at the point of installing SP3. Will it be another 6 hours before the thing is fully patched and still vulnerable to this fatal flaw? What a waste of human energy and money. GNU/Linux could be installed legally and up to date in a few minutes. Why do people use that other OS? I was half-hoping M$ would refuse to supply updates for this ancient machine as they have stated they will not support early versions of XP. Nope. wuauclt.exe cheerfully provided all the necessary updates to continue inflicting this pain on the world. I guess M$ would rather these old machines stayed with XP than move to a modern OS like GNU/Linux.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.

3 Responses to Breaking That Other OS

  1. Good points, but I disagree with “The act of switching from one platform to another incompatible platform carries such a high initial cost at the outset, it totally outweighs all of the short, medium and long term benefits of the new platform.”

    I have migrated a lot of systems. If you can re-use the existing hardware, the cost is mostly labour one time. There is a lot less labour keeping a system as it is than changing it. The cost of maintaining that other OS forever is infinite. The one-time cost of migrating is finite. Here we migrated almost all of the PCs for $0 hardware cost because we re-use the old machines. The cost of installing on the first machine is real, perhaps a couple of hours of labour. You can then use that to make images to put on all the rest, cutting the time down to 10 minutes or less each or if you use Clonezilla and broadcast on a LAN, a much lower total time.

    Even for a single system, the couple of hours to install, fiddle and explore is trivial in comparison to the lost productivity fighting malware, re-re-rebooting and having the machine slow down.

    It’s hard to quantify, but folks think that other OS is free, so the cost of malware is huge in comparison. They know how much time they spend installing anti-malware and re-installing their OS. Really, people who use that other OS need to replace their systems every few years because the value of the old unit and the price of a new one are less than the cost of fixing it. They just don’t realize that the new machine will also need maintenance. I re-installed XP on a teacher’s computer last weekend. For the hours it took to get everything working again, it would have been far cheaper to buy a new PC, but my time was free…

  2. aikiwolfie says:

    People use Windows for a number of reasons. The primary reason being it comes installed on their PC and they simply don’t know any better. If you suggest they use Linux instead the first thing you need to do is explain Linux doesn’t run Windows software. Which is a problem. Because a lot of people have invested a lot of money on Windows based software. Especially businesses.

    So in practice it takes a long time to wean people off of Windows. Personally I normally start with the web browser. Then the office suite. These are very easy changes to make. The next thing is the MP3 player.

    A lot of Windows users have iPods and they use iTunes to buy tracks for those iPods. So they are locked into Windows running on their PC by Apple. Apple doesn’t produce software for Linux. And getting iTunes to work via something like WINE can be difficult and frustrating.

    Now Linux does have alternatives to iTunes. But if you’ve invested in a massive iTunes library you’re not going to switch. Which is why lock-in is called lock-in.

    The act of switching from one platform to another incompatible platform carries such a high initial cost at the outset, it totally outweighs all of the short, medium and long term benefits of the new platform.

    This is also why IE6 is still so strong in the web browser market. It’s not that people want to use IE6. It’s simply that they see no alternative. Again this is especially true in business where the web browser is used to provide an interface to all manner of back-end applications.

    Personally I think this is an issue that the Linux community still doesn’t get. The proof if any were needed is we’re all still asking the rhetorical question “why do people use Windows”.

    Until we solve the issue of lock-in by companies like Microsoft and Apple, Linux will always struggle to get the attention of consumers. Which is a shame. Consumers like Linux when it’s packaged and sold to them properly. Android is an example.

  3. Dann says:

    You don’t even need to touch the registry to get administrator access to Windows.

    You know the accessibility tools you can access by clicking on the button or + U?

    That program, UtilMan.exe, is running with Administrator privileges.

    Anyone with a Linux live CD/USB and something to prove can easily do nasty things before the machine even logs in!
    It affects every version of Windows, obviously.

    How they decided that running a binary available to any random person under admin was a good idea is beyond me. If Windows was FOSS, this would have been fixed years ago. Why not place this accessibility program under an accessibility group without admin rights? Oh right, Windows doesn’t have group capabilities…

    I wonder how many 16-bit application vulnerabilities are still lurking under that mess… One cropped up in the past couple years.
