<i>Juha Saarinen:</i> The empire strikes back at zombies

COMMENT

The Microsoft security patch for Windows and computer security are two concepts that have traditionally refused to marry, despite much talking over the past few years.

Windows is arguably the most popular computer operating system in the world - not just with consumers, but also hackers and virus writers. These digital vandals have been hugely successful at turning Windows PCs into remotely controlled "zombies" that can be used to send out spam in huge quantities and serve up sometimes illegal web content.

When the "zombies" awake behind their broadband connections, they can even be used to take out large international networks, as they did recently to Akamai, through large, co-ordinated attacks that pump out overwhelming amounts of data. The attack caused service interruptions for Yahoo, Google and ironically, Microsoft's websites.

The sad fact is that there is precious little effort involved in creating these "zombie armies". Usually, the vector of attack is just a simple email with an attachment that users launch, and that's it: the computer is under control by someone overseas, and you could be in severe trouble, financially and legally, if you don't notice it in time.

This problem will get much worse in the near future, because there is money to be made in compromising computers. Spammers are buying "BotNets" or blocks of remotely controlled computers from virus writers, with organised crime getting in on the act, according to recent media reports. Current estimates say that around 80 per cent of all spam now emanates from "zombie" machines.

Clearly, there is a need for Microsoft to act to bolster security in Windows, because despite anti-viruses and firewalls, its customers are getting hit in large numbers.

Microsoft's answer to the security woes is being readied. Prosaically named Service Pack 2, it is a large update for Windows XP with a big emphasis on security.

Service Pack 2 is being tested by many people around the world - Microsoft says the number is around a million - and if no "show stopper" bugs are found, should come out at the end of next month in its final version.

What are the security enhancements in Service Pack 2? For starters, you get a fully functional firewall that checks both incoming and outgoing traffic. The firewall in the original Windows XP looks only at incoming traffic, and thus does not prevent data from your computer leaking out to the internet, giving attackers clues about what to go for.

Most people will notice the long- overdue pop-up blocker for the Internet Explorer web browser. Browser pop-up (and worse, pop-under) windows are abused by malicious website operators, sometimes trying to plant spy software on your computer.

So-called "social engineering" (asking users to unwittingly run dangerous software), the technique favoured by many virus spreaders, should be a little more difficult thanks to the changes Microsoft has made to its email and instant messaging programs. Even if you run unsafe programs (and trust me, people will never stop doing that), these are isolated in Service Pack 2 and won't be able to affect critical parts of the computer.

Service Pack 2 also nags you to turn on automatic software updates and warns if you don't have anti-virus software, or if you should have the temerity to turn off the firewall. There is whole slew of warnings for users concerning the consequences of their actions, which we can only hope will be adhered to.

Underneath the hood there are even more changes, like core components being re-coded and rebuilt to plug security holes. Some of these changes will invariably cause headaches with older software that wasn't written with security in mind, but that's a small price to pay.

I've been running pre-release versions of Service Pack 2, and my advice for any Windows user would be to upgrade as soon as possible. The additional security is great and nothing important has broken, even with trial versions of Service Pack 2.

Nevertheless, I am left with a feeling that while Service Pack 2 is a good thing, it should have come out much sooner.

Many of the changes introduced in Service Pack 2 are just plain common-sense and available on other operating systems, so what was Microsoft thinking about all this time?

Service Pack 2 may also create two security problems. First, Microsoft has stated Service Pack 2 will not install on computers with pirated versions of Windows. That's fair and square, because why should Microsoft support thieves?

But if you think about how many pirated copies of Windows there are in China alone, the policy becomes questionable, as it leaves many computers unprotected.

Second, Service Pack 2 also marks Microsoft's second try at producing an anti-virus, to be released this year. It's likely the anti-virus software will be offered via subscription to avoid another anti-competition trial, and not bundled with Service Pack 2.

The decision to once again produce an anti-virus could undo all Microsoft's security effort in Service Pack 2, simply because it will be a big fat bulls-eye for virus writers.

Microsoft will tell you that the new software is due to customer demand. But Microsoft would also do well to remember its first disastrous anti-virus effort, and resist the temptation of entering a market it knows precious little about.