Slide - BBLISA

advertisement
How To Really Scare
Microsoft
Marcus J. Ranum
CSO, Tenable Network Security, Inc.
AKA: Make Bill Your Bitch
2
Who?
•
•
•
•
Early innovator in firewall market
Early innovator in VPN market
Early innovator in IDS market
Chief Security Officer, Tenable Network
Security
3
What?
• What is this talk about and why?
– Computer technophiles appear to despise
Microsoft
• Many talk about “replacing Microsoft”
• Many feel Microsoft is not a good custodian of
the industry
• Many feel Microsoft is a monopoly
– We’ll explore some of Microsoft’s
weaknesses and why they matter
4
The Big Picture
• The industry in which we work has only
been around a short while
– We’ve already seen giants arise and
vanish (Cray, Digital, Data General, Wang)
– Don’t expect Microsoft to last another 20
years in its current form and position,
unless their customers really are stupid
• My ideas are all stolen from: Project
Athena, Plan 9, VAX/VMS, etc.
5
Let’s Get this Out Of the
Way….
(‘cuz it’s gonna hurt)
• “But what about LINUX!?!?!”
– An acceptable alternative to Windows
primarily because it’s free
• Businesses have not made the wholesale shift
to Linux that many were predicting in the mid
1990’s
– Why didn’t it happen?
6
Why LINUX Does Not Rule
• Short form:
– It’s as bad as Windows
• Long form:
– In an attempt to “out-do” or “match”
Windows features LINUX has become just
as krufty, unmanageable, and pimped-out
a piece of bloated shovelware as Windows
(maybe worse!)
7
Linux V. Windows
• “Avoid Strength, Attack Weakness (Sun Tzu)
– The current Linux strategy consists of
attacking Microsoft where they are
strongest (integration, features, 3rd party
apps, single “distro”) while emphasizing
areas where Linux is weakest (system
administration, complexity, software
distribution model)
– That’s exactly backwards
8
So….
• Where is Windows weak?
9
Points of Technological Attack
• System Administration
• Cost / Feature
• Data Lock-in
10
Points of Non-Technological
Attack
• Software sales concept
11
Windows Sys Administration
• 2026AD: The Infocalypse
Every man, woman,
and child on earth
(over the age of 6)
will be a Windows
system administrator
Earth
Population
Time
2026AD
#
Systems
under
admin.
12
Windows Systems
Administration
• System administration is the achilles’
heel of all general-purpose operating
systems
– Since Windows has the largest market
share, it takes the lion’s share of the blame
however the industry’s trend towards
“appliance computing” is a warning sign
Microsoft cannot ignore
13
Windows Systems
Administration
• Unfortunately...
– Microsoft is probably least well-positioned
to address system administration because
their platform has become so pervasively
re-purposed
– Premise #1: Any successful attack on
Microsoft will flow from making inroads into
systems administration
14
Cost/Feature
• Microsoft has gotten away with
monopolistic tricks by changing what is
embedded in/included with the O/S and
what is not
– FAXing is in, then it’s out, then it’s a
product
– This allows Microsoft to pick and choose
battles and confuse customers as to true
costs of desktop computing
15
Cost/Feature
• The simplest way to neutralize the
cost/feature confusion is to make it
extremely clear what costs what, and
make the cost ridiculously low
– I.e.: $29.95 for all the word processor most
people need
– This is sort of what Open Source does by
making everything free, but they forgot the
system administration issue
16
Data Lock-in
• This is the ace in Microsoft’s sleeve
– Make your file formats painful to convert
from, and have enough users, and it
becomes a significant deterrent to enduser platform mobility
17
Data Lock-in
• How to address data lock-in
– Wrong way:
• Try to be compatible with Microsoft file formats
– Right way:
• Offer easy to use tools that automate
conversion to non-proprietary formats and back
18
Software Sales Concept
• The software sales model is Microsoft’s
soft underbelly
– Continuing revenues are 100% vulnerable
in a market in which software is sold not
rented
• Downside of rental: increase customer mobility
• Downside of sales: customers can decide to
tread water for a couple years
19
How to Scare Microsoft #1
(and look like a business visionary while you’re doing it)
• Tread Water and Microsoft dies
– “Thank you, Bill. We have all the software
we need right now. We’ll buy some more in
a few years when we need more.”
• Premise - most businesses probably own
enough software to freeze additional purchase
and maintenance for a year or 2
• Use old versions
• Recycle and save huge $$
20
Software Sales Concept
• Corollary
– The “application service provider” boom
went bust because of how software was
licensed to prevent its being multiplexed
• Software industry is already reacting, albeit in
sneaky ways
…. Can you say “automatic patching”? Hackers
are unwitting patsies playing into the hands of
Redmond and others
21
OK
• Enough of the high-level stuff
...Imagine you agree with me about some
of these things and let’s talk about how
to really scare Microsoft
(caveat: I didn’t say it’d be easy)
22
Assumptions:
• Make a broad push across the board
– Make simplicity a virtue and take
advantage of it
– Turn the software sales model on its head
– Take advantage of things we’ve learned in
the last 20 years of networked computing
– Steal ideas from old research and
synthesize and update them
– Co-opt Open Source ideology
23
Main Lines of Attack
•
•
•
•
•
•
System administration
Cost / seat
Performance
Reliability
Mobility / Ubiquity
Security wouldn’t hurt either (but let’s be realistic:
customers don’t care)
24
Step 1: Data Environment
• Use HTML/XML for everything
• Core tools:
– Spreadsheet
- Browser
– Image editor
- File Manager
– HTML document editor
– IMAP client
– Presentation Viewer
– Messaging
25
Step 2: Operating System
• Operating systems today are probably
50% virtualization kruft intended to
make them able to use any of 102,392
different network cards or 82,882
different display adapters
– This is stupid
– Consider appliance computing/palm
computing, etc, as repudiations of
hardware portability as a concept!
26
Operating System / cont
• The UNIX guys had it right: make
everything a file
– Extend it a bit:
• Assume everything is a file
• Make everything PGP signed/encrypted
• Assume that everything can exist in one or
more places
• Flag a file as “cache consistency needed” or
not
27
Operating System / cont
• File service now == software distribution
– Executables are read-only (duh! What’s wrong with
people at Microsoft - writeable executables is retarded!)
– Before you begin to execute, contact
server and offer up {SHA1,filename,system time}
– Server might offer up a newer file (implicit
software update) or allow you to operate
on the cached version
28
Operating System / cont
• Allow users to set migration/replication
policy on file (pick some sensible
defaults)
– Store multiple copies in multiple locations
== implicit backup
– Store versions on server == implicit
versioning
– Users can pay for different options
(retention, space, versions, etc) on servers
29
Operating System / cont
– Sharing is now a matter of key ring
management
• Marcus wants to give Adam access to a file,
adds it to the read-recipients list and resigns
the file’s control block
– Details: generate new key, local hash, send to
server, let server re-encrypt - or for the paranoid
encrypt it locally and let it migrate up
• Now Adam can pull the file from anyplace it’s
stored and decrypt it
– Marcus doesn’t actually have to move much data
(but he can if he wants to be a paranoid)
30
Operating System / cont
– Mobile access is now a matter of taking
your keyring to someone else’s machine
• Local cache stored in (original) encrypted
format
– No-cache pragma attached to file would be another
option
• When you put your keyring in someone’s
machine you unlock your files
– Local desktops are basically disk cache, execution,
U/I, and compute engines - Plan 9 style rather than
X-windows style
31
Step 3: Platform
• Playstation2
– DVD boot
– USB keyboard interface
– Audio / Video
– Firewire
– Ethernet
– IDE interface
– What else do you need? By coding to the metal you can
leave out all the device independent kruft
32
Step 4: Business Model
• Go to IBM and offer to partner with them
on a “business desktop” that costs
$100/seat with $0 systems admin cost
– Server side is where the money will be
• Software
• Storage
• Services (Email*, etc)
33
* Email, of course, is just another directory of files...
Step 5: Software Model
• Software now becomes an executable
that you subscribe to for a time
– Run it as long as you’re paying for it
– You’re always running the latest release so
you get features/whatever and the industry
breaks out of the 6-month buggy bloat-bugrelease cycle
– Since file formats are standard data is
portable; increase competition for apps
34
…anyhow...
• By now I ought to be running out of time
– I didn’t want to get into an exhaustive
design discussion
• Yes, there are lots of details
• The point is:
– We can re-invent large systems usability
– We are using 1970’s software architectures
in the 21st century - and so is Microsoft
35
Summary
• I believe Microsoft is shockingly
vulnerable to changes in how software
is sold
– They appear to know this; if you watch
what they’re doing they are trying to
minimize the potential damage
• Feel free to give them a good hard
shove off the cliff if you want to...
36
Download