Computing Applications Inside risks

The Devil You Know

  1. Article
  2. Author

Question: What’s worse than buggy software? Answer: Patches and upgrades that make things even worse. This is a dilemma critical to many applications. How should we cope with the untold millions of computers that are constantly subjected to penetrations, viruses, worms, and other nasties that exploit a steady stream of security weaknesses and flaws? Is finessing, coercing, or even forcing users to install updates a solution, or just an invitation to further aggravation and potential disasters?

The underlying problem is obvious. Much commercial software is a mess on the inside. Get past the flashy graphics and the fancy user interfaces, and you frequently descend into a nightmarish realm of twisted spaghetti-like code that might better belong in a Salvador Dali painting. One recurring type of software security bug, buffer overflows, dates back to the dawn of computing, but only recently are we seeing some serious attempts to limit this vulnerability systemically.

Meanwhile, Microsoft sends forth a stream of patches intending to correct what it designates as "critical" security flaws in its systems, applications, and even its own previous patches. Microsoft certainly isn’t alone when it comes to software flaws, but as the massively dominant desktop system vendor, its software and support decisions tend to have much more influence on most consumers, businesses, and other organizations than those of other firms.

Microsoft has expressed continuing concerns about user behavior, seeming to say, in essence, "If we could just find some way to get users to install each and every patch forever, the bugs in our software wouldn’t really matter so much." This seems somewhat akin to a vampire, after having bitten your throat and transformed you into one of the living dead, pointing out that vampirism really isn’t so bad as long as you get plenty of blood every night and stay out of the sun.

Many computer users pay little if any attention to the issues of security bugs. They take the unfortunate but understandable view that if something seems to be working adequately, don’t try to fix it. In the security realm, this can indeed be a very dangerous attitude.

On the other hand, many expert computer users (particularly those using Microsoft products) don’t ignore patches—they’re simply terrified of them. Too often, installing seemingly innocuous "fixes" into working systems results in instability, crashes, or even total unusability. Interactions between patches and other software, particularly already-installed third-party packages, can result in widespread disruption to both application and system software. And often there’s no going back without total system restores. For example, Microsoft patches have often been incapable of being effectively removed in case of problems. Microsoft has now announced the move to (more organized) monthly aggregated patches—but has already had to issue additional interim patches to patch their monthly patches!

For a time, it was reported that Microsoft was considering the possibility of forcing virtually all users of Microsoft’s systems to accept its Internet-delivered updates. More recently, there’s been talk about changing the defaults for "home user" systems to automatically accept Microsoft-provided critical Internet-delivered patches, unless specifically instructed otherwise by users. Not only is it unclear how to accurately delineate this "home users" category, but there may be in such a segregation an ominous attitude: that it’s somehow less serious to screw up home users’ computers than those of businesses and other more well-heeled customers. This would be an unacceptable outcome.

Widely deployed automatic updating systems for PCs could carry with them another very real and serious risk—the possibility of hackers cracking the Internet-connected update mechanisms, either at the user systems themselves or at central servers, then using them as convenient portals for their own nefarious payloads. Weaknesses in autonomous updating environments (and we know from experience that there almost certainly will be weaknesses) could provide yet another endless series of opportunities for worms, viruses, and other software nightmares.

Users (and/or system administrators, as appropriate) have the need and right to fully control their own computers. No particular class of users should be subjected to defaults considered too risky for another group, nor should we need to risk having our operational systems sidelined by possibly unstable vendor patches that may do more damage than the original bugs. A plethora of patches will never be a substitute for true quality software.

Back to Top

Join the Discussion (0)

Become a Member or Sign In to Post a Comment

The Latest from CACM

Shape the Future of Computing

ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.

Get Involved

Communications of the ACM (CACM) is now a fully Open Access publication.

By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.

Learn More