How To Really Scare Microsoft Marcus J. Ranum CSO, Tenable Network Security, Inc. AKA: Make Bill Your Bitch 2 Who? • • • • Early innovator in firewall market Early innovator in VPN market Early innovator in IDS market Chief Security Officer, Tenable Network Security 3 What? • What is this talk about and why? – Computer technophiles appear to despise Microsoft • Many talk about “replacing Microsoft” • Many feel Microsoft is not a good custodian of the industry • Many feel Microsoft is a monopoly – We’ll explore some of Microsoft’s weaknesses and why they matter 4 The Big Picture • The industry in which we work has only been around a short while – We’ve already seen giants arise and vanish (Cray, Digital, Data General, Wang) – Don’t expect Microsoft to last another 20 years in its current form and position, unless their customers really are stupid • My ideas are all stolen from: Project Athena, Plan 9, VAX/VMS, etc. 5 Let’s Get this Out Of the Way…. (‘cuz it’s gonna hurt) • “But what about LINUX!?!?!” – An acceptable alternative to Windows primarily because it’s free • Businesses have not made the wholesale shift to Linux that many were predicting in the mid 1990’s – Why didn’t it happen? 6 Why LINUX Does Not Rule • Short form: – It’s as bad as Windows • Long form: – In an attempt to “out-do” or “match” Windows features LINUX has become just as krufty, unmanageable, and pimped-out a piece of bloated shovelware as Windows (maybe worse!) 7 Linux V. Windows • “Avoid Strength, Attack Weakness (Sun Tzu) – The current Linux strategy consists of attacking Microsoft where they are strongest (integration, features, 3rd party apps, single “distro”) while emphasizing areas where Linux is weakest (system administration, complexity, software distribution model) – That’s exactly backwards 8 So…. • Where is Windows weak? 9 Points of Technological Attack • System Administration • Cost / Feature • Data Lock-in 10 Points of Non-Technological Attack • Software sales concept 11 Windows Sys Administration • 2026AD: The Infocalypse Every man, woman, and child on earth (over the age of 6) will be a Windows system administrator Earth Population Time 2026AD # Systems under admin. 12 Windows Systems Administration • System administration is the achilles’ heel of all general-purpose operating systems – Since Windows has the largest market share, it takes the lion’s share of the blame however the industry’s trend towards “appliance computing” is a warning sign Microsoft cannot ignore 13 Windows Systems Administration • Unfortunately... – Microsoft is probably least well-positioned to address system administration because their platform has become so pervasively re-purposed – Premise #1: Any successful attack on Microsoft will flow from making inroads into systems administration 14 Cost/Feature • Microsoft has gotten away with monopolistic tricks by changing what is embedded in/included with the O/S and what is not – FAXing is in, then it’s out, then it’s a product – This allows Microsoft to pick and choose battles and confuse customers as to true costs of desktop computing 15 Cost/Feature • The simplest way to neutralize the cost/feature confusion is to make it extremely clear what costs what, and make the cost ridiculously low – I.e.: $29.95 for all the word processor most people need – This is sort of what Open Source does by making everything free, but they forgot the system administration issue 16 Data Lock-in • This is the ace in Microsoft’s sleeve – Make your file formats painful to convert from, and have enough users, and it becomes a significant deterrent to enduser platform mobility 17 Data Lock-in • How to address data lock-in – Wrong way: • Try to be compatible with Microsoft file formats – Right way: • Offer easy to use tools that automate conversion to non-proprietary formats and back 18 Software Sales Concept • The software sales model is Microsoft’s soft underbelly – Continuing revenues are 100% vulnerable in a market in which software is sold not rented • Downside of rental: increase customer mobility • Downside of sales: customers can decide to tread water for a couple years 19 How to Scare Microsoft #1 (and look like a business visionary while you’re doing it) • Tread Water and Microsoft dies – “Thank you, Bill. We have all the software we need right now. We’ll buy some more in a few years when we need more.” • Premise - most businesses probably own enough software to freeze additional purchase and maintenance for a year or 2 • Use old versions • Recycle and save huge $$ 20 Software Sales Concept • Corollary – The “application service provider” boom went bust because of how software was licensed to prevent its being multiplexed • Software industry is already reacting, albeit in sneaky ways …. Can you say “automatic patching”? Hackers are unwitting patsies playing into the hands of Redmond and others 21 OK • Enough of the high-level stuff ...Imagine you agree with me about some of these things and let’s talk about how to really scare Microsoft (caveat: I didn’t say it’d be easy) 22 Assumptions: • Make a broad push across the board – Make simplicity a virtue and take advantage of it – Turn the software sales model on its head – Take advantage of things we’ve learned in the last 20 years of networked computing – Steal ideas from old research and synthesize and update them – Co-opt Open Source ideology 23 Main Lines of Attack • • • • • • System administration Cost / seat Performance Reliability Mobility / Ubiquity Security wouldn’t hurt either (but let’s be realistic: customers don’t care) 24 Step 1: Data Environment • Use HTML/XML for everything • Core tools: – Spreadsheet - Browser – Image editor - File Manager – HTML document editor – IMAP client – Presentation Viewer – Messaging 25 Step 2: Operating System • Operating systems today are probably 50% virtualization kruft intended to make them able to use any of 102,392 different network cards or 82,882 different display adapters – This is stupid – Consider appliance computing/palm computing, etc, as repudiations of hardware portability as a concept! 26 Operating System / cont • The UNIX guys had it right: make everything a file – Extend it a bit: • Assume everything is a file • Make everything PGP signed/encrypted • Assume that everything can exist in one or more places • Flag a file as “cache consistency needed” or not 27 Operating System / cont • File service now == software distribution – Executables are read-only (duh! What’s wrong with people at Microsoft - writeable executables is retarded!) – Before you begin to execute, contact server and offer up {SHA1,filename,system time} – Server might offer up a newer file (implicit software update) or allow you to operate on the cached version 28 Operating System / cont • Allow users to set migration/replication policy on file (pick some sensible defaults) – Store multiple copies in multiple locations == implicit backup – Store versions on server == implicit versioning – Users can pay for different options (retention, space, versions, etc) on servers 29 Operating System / cont – Sharing is now a matter of key ring management • Marcus wants to give Adam access to a file, adds it to the read-recipients list and resigns the file’s control block – Details: generate new key, local hash, send to server, let server re-encrypt - or for the paranoid encrypt it locally and let it migrate up • Now Adam can pull the file from anyplace it’s stored and decrypt it – Marcus doesn’t actually have to move much data (but he can if he wants to be a paranoid) 30 Operating System / cont – Mobile access is now a matter of taking your keyring to someone else’s machine • Local cache stored in (original) encrypted format – No-cache pragma attached to file would be another option • When you put your keyring in someone’s machine you unlock your files – Local desktops are basically disk cache, execution, U/I, and compute engines - Plan 9 style rather than X-windows style 31 Step 3: Platform • Playstation2 – DVD boot – USB keyboard interface – Audio / Video – Firewire – Ethernet – IDE interface – What else do you need? By coding to the metal you can leave out all the device independent kruft 32 Step 4: Business Model • Go to IBM and offer to partner with them on a “business desktop” that costs $100/seat with $0 systems admin cost – Server side is where the money will be • Software • Storage • Services (Email*, etc) 33 * Email, of course, is just another directory of files... Step 5: Software Model • Software now becomes an executable that you subscribe to for a time – Run it as long as you’re paying for it – You’re always running the latest release so you get features/whatever and the industry breaks out of the 6-month buggy bloat-bugrelease cycle – Since file formats are standard data is portable; increase competition for apps 34 …anyhow... • By now I ought to be running out of time – I didn’t want to get into an exhaustive design discussion • Yes, there are lots of details • The point is: – We can re-invent large systems usability – We are using 1970’s software architectures in the 21st century - and so is Microsoft 35 Summary • I believe Microsoft is shockingly vulnerable to changes in how software is sold – They appear to know this; if you watch what they’re doing they are trying to minimize the potential damage • Feel free to give them a good hard shove off the cliff if you want to... 36