While watching a couple of the Longhorn Concept Videos showing off some of the new capabilities of Microsoft’s next-gen operating system, I was quite impressed. Some of the demos had a bit more eye candy than I thought was really reasonable in an app, and the desktop environment looked pretty much like XP with a black theme (I don’t know if the “real” Avalon desktop visuals are out there yet), but other than that, quite impressive.
Two things worried me though. They were both noticed in the Healthcare demo.
At one point they show how an attachment could be sent for medical X-Ray slides. Real X-Rays are way too big to send over email “so when we click the attachment we get the software installed seamlessly with no confusing prompts” (quote from around 4:00 into the video) and it’s used to create a secure link to do a nifty combination of screen sharing and whiteboarding (along with using ink to annotate the X-Ray data with notes and whatnot). Hold on a sec… software is seamlessly installed? Not even a warning? Holy shit! I thought that’s the sort of thing we were trying to get away from?
I hear the Microsoft apologists screaming back “But it’s secure code execution! The user has a public key! It’s secure!” To them I say, “uh huh, sure it is, and no one will ever hack, break, or spoof this? I’m still getting hundreds of spams a day that are sent from people who are infected with Outlook worms because they clicked, through their own stupidity or social engineering, on an attachment that they didn’t know was dangerous. These days even Microsoft recommends that you type in URLs instead of clicking them because their software can be fooled into not properly giving out correct information. And these same people expect me to click attachments from people, whether I know them or not, whether they have security credentials or not, that will run random software on my system without even asking???”
You have got to be kidding me.
The second thing that boggled my little Linux-freak mind was that, a bit later on, the demo shows the user searching his local hard drive for certain documents, opening a document and getting a notification from a third party about information pertaining to this document.
The demo voice-over says that they “had a previous relationship” with the third party. I don’t know if that means that he allowed them to watch for accesses to this document or something like that. However, as it was shown, the user opened a document and immediately a pop-up ad notification window popped up informing the user of a clinical trial related to information in this document and asked if he had any patients to participate. Again, clicking the mouse button installed software “seamlessly” and ran it on his system.
Does this worry anyone else? I admit that the demo was slick and the implications of the ease of use and data sharing and communication capabilities were very impressive. However, it was still a demo. My concern was not the ability for this technology to be used for good, hell, you can have software installed seamlessly through Outlook Express right now, but the potential for it to be used for evil. If you’re going to allow random code to be run via clicking an attachment, or a company to be able to basically attach a pager to their system to alert them if you open a document on your own local computer (or maybe the software runs locally, which is even worse, now you have a bunch of programs running waiting for you to open documents), you had better be sure it’s 110% secure.
Can they do that? Anyone who knows anything about security gives this an emphatic No, because “security isn’t a product, it’s a process” (Bruce Schneier quote).
I’m sure it’ll be made as secure as they can think to, and account for all the loopholes and security holes they can possibly imagine, but it’s the ones that they don’t think of that will get exploited.
Luckily it’s all just demos and wishful thinking until the product is released.