A Brief Summary of My Position on the Windows XP Raw Socket Controversy


Page last modified: Oct 06, 2003 at 13:29


Since my exhaustive treatment of the issues surrounding Windows XP's provision for full raw sockets can be somewhat ... exhausting, I have summarized my concerns here. Each of these points is fully developed and supported with real world evidence on the page that follows.

1. Windows XP's new support of the full raw socket application programming interface (API) allows for the creation of fraudulent and damaging Internet traffic. This has never been possible under Windows without first modifying the operating system with third-party device drivers — which has never been done by malicious programs.

2. The security features built into all other raw socket capable operating systems (Windows 2000, Unix, Linux, etc.) deliberately restrict raw socket access to applications running with full "root" privilege. However, the Home Edition of Windows XP executes all applications with full administrative ("root") privilege. Thus, Windows XP eliminates the raw socket safety restrictions imposed by all other operating systems.

3. For the first time ever, applications running under the Home Edition of Windows XP — whether deliberately executed or running as hidden "Trojan" programs — will be easily able, without modifying the operating system in any way, to generate the most damaging forms of Internet attacks.

4. Internet attacks launched from security-compromised Windows systems are already common (because security-compromised Windows systems are common). However, the previous Internet API built into Windows prevented those attacks from being as damaging as those launched by Unix and Linux systems. The sole reason for this difference was Windows' previous lack of full raw socket support (which was a blessing).

5. No previous version of Windows (9x, ME, or NT) had, or needed, full raw socket support. Those systems worked seamlessly on the Internet. While there are valid uses for advanced raw-IP packet generation by system level processes (NAT routing, IPsec support, etc.), there is no valid use for raw sockets by end-user software. The only applications are Internet research or the exercise of malice. Therefore, this new danger is without justification.

6. Windows XP's security model, which has been seriously compromised in order to accommodate the needs of Windows 9x legacy applications, will not prevent the wholesale hijacking of Windows XP machines. These compromised machines — with their needlessly potent full raw socket support — will be used to attack and damage any chosen Internet user or site.
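The privilege restriction described in point 2 is something an administrator can verify on their own platform. The script below is an added example and is not part of Gibson's page: it asks the OS for a raw socket as the current user and, when run as root on a POSIX system, asks again from a child that has dropped to an unprivileged account (uid/gid 65534, the conventional "nobody", is an assumption). A correctly restricted OS refuses the second attempt; nothing is ever sent on the socket.

```python
import os
import socket


def raw_socket_permitted():
    """Ask the OS for an IPv4 raw socket and close it at once.
    Returns True if the kernel handed one to this process, False if it
    refused (permission denied, or raw sockets unavailable). Nothing is sent."""
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)
    except OSError:  # PermissionError is the usual answer for a non-root user
        return False
    sock.close()
    return True


def raw_socket_permitted_as(uid, gid):
    """Fork, drop to uid/gid in the child, and report whether the child could
    open a raw socket. Returns None when the check is not applicable (not a
    POSIX system, not running as root, fork or the uid/gid switch failed)."""
    if os.name != "posix" or not hasattr(os, "fork") or os.geteuid() != 0:
        return None
    try:
        pid = os.fork()
    except OSError:
        return None
    if pid == 0:
        try:
            os.setgroups([])
            os.setgid(gid)
            os.setuid(uid)  # on Linux this also clears the process's capabilities
        except OSError:
            os._exit(2)
        os._exit(0 if raw_socket_permitted() else 1)
    _, status = os.waitpid(pid, 0)
    return {0: True, 1: False}.get(os.WEXITSTATUS(status))


def audit(unprivileged_uid=65534, unprivileged_gid=65534):
    """Summarise the platform's raw socket policy. 'restricted' is True only
    when an unprivileged user was actually refused a raw socket."""
    current = raw_socket_permitted()
    dropped = raw_socket_permitted_as(unprivileged_uid, unprivileged_gid)
    return {
        "current_user_permitted": current,
        "unprivileged_permitted": dropped,
        "restricted": dropped is False,
    }


if __name__ == "__main__":
    for key, value in audit().items():
        print(f"{key}: {value}")
```

Run it once as an ordinary user and once as root to see both halves of the policy; a result of "unprivileged_permitted: True" is the XP Home situation the page describes.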



Microsoft claims that the "real problem" is keeping malicious software out of personal computers. But they have compounded this problem by needlessly making full raw socket support available to all applications.


I am at a loss to fathom Microsoft's continuing refusal to appreciate the obvious consequences of this mistake. They must accept responsibility and correct the problem before it is too late.

On Thursday, June 28th, 2001, I participated in an eight-way telephone conference with Microsoft to discuss these issues. You may be interested to know what I learned during that discussion.

My complete examination of these issues may be found on "The Windows XP Internet Threat" page.

Gibson Research Corporation is owned and operated by Steve Gibson. The contents of this page are Copyright (c) 2007 Gibson Research Corporation. SpinRite, ShieldsUP, NanoProbe, and any other indicated trademarks are registered trademarks of Gibson Research Corporation, Laguna Hills, CA, USA.