The Windows 8 Kill Switch: A Hacker's Dream Come True
Windows 8 will have a kill switch, allowing Microsoft to remotely delete apps. Let the hacking begin!
By John C. Dvorak
February 29, 2012
In the Windows Store terms of use, Microsoft made it clear that it can pull the kill switch at its discretion.
The more I read, the more I wonder how so many people can miss the real danger this poses to the average user. I immediately ask, what happens if a hacker cracks the mechanism and can write some malicious code to brick millions of computers? Or worse, with all the already infected machines we know exist, what if their Trojan Horse overlords simply call up the bricking code to hide their tracks?
Check out more of our Windows 8 coverage.
There are a lot of possibilities here and a heck of a lot of them are moA number of stories about a Windows 8 kill switch have appeared on the Web, each with its own odd and ominous tone. The blogosphere has gone berserk with all sorts of menacing commentary, such as the following from the Vigilent Citizen:
The very anticipated operating system Windows 8 will have a feature that was never found on PC's before: A kill switch that can remotely delete software and edit code without the user's permission. Although Microsoft claims the switch would only be used for software that is downloaded from its app store, no official policies clearly define the actual purpose of the kill switch... nothing is truly considered "illegal" and that includes issues regarding spying, censorship and free speech.
Pretty scary, kids. Less-than-totally-freaked-out Computerworld has this to say:
Kill switches -- so called because a simple command can deactivate or delete an app -- are common in mobile app stores. Both Apple and Google can flip such a switch for apps distributed by the iOS App Store and Android Market, respectively.re worrisome than thinking that Microsoft may pull the kill switch to shut up someone who hates Steve Ballmer.
In fact, nobody has even mentioned the national security threat that this suggests. First of all, Microsoft is not known for designing anything secure. The company cannot do it. So, how does adding a kill switch keep users and the nation as a whole safe when we know in advance that it will be hacked like everything else the company has done?
Supposedly, the process is directed at apps or products that will be sold over the Web from the app store. This seems fine on the surface. Everybody seems to do this already. Amazon has such a feature on the Kindle and Google has one on its Android phones. Apple has comparable capabilities with the iPhone.
Nobody should be surprised by Microsoft's addition. For over a decade, people have discussed the idea that Microsoft could use the kill switch technology to kill bootleg or counterfeit versions of its OS. I'm sure the company would employ the code to kill counterfeits if it is confident it could get away with it and confident it wouldn't be bricking perfectly good systems left and right, thus finding itself in a legal entanglement and a public relations nightmare.
You all know the company has had meetings about this and no engineers have been able to guarantee that it would work as advertised.
This backlash fear will not deter a hacker who just wants to have fun. It will not discourage a foreign belligerent who wants to disrupt the US infrastructure. The game changes quick when this capability falls into the wrong hands.
One must assume that this global consideration is on the minds of the enemies of the state since President Obama has openly discussed how his "Internet Kill Switch" plan is a solid safety precaution if the Web is attacked. Shutting down the Web, in itself, seems like the ultimate attack. Just as killing a man because he has the flu is not a cure, killing the Internet is not a solution to anything.
So, here we are with a very threatening technology now being employed by Microsoft. This is going to be rich. I'll be watching.
Hopefully, within the next few years, my column will only be available for reading in print on paper stapled to a few select telephone poles. Keep an eye out in Berkeley and San Francisco.
You can Follow John C. Dvorak on Twitter @therealdvorak.
8 windows operating system from Microsoft was still a lot of loopholes that couldmake computers installed windows 8 prone to hacker attacks .. Hemmm, indeedhe could be a haven for the attackers and malicious hackers because it candirectly edit the script without asking for approval of malicious users, but it seemsunusual for microsoft who always want to rush release products that are still lots ofholes everywhere .. how do you ...?
No comments:
Post a Comment