Hack in the Box Meets Windows Vista 159
Strange_Brew writes "It appears Microsoft is really going all out to get Windows Vista secured before its release date in 2007. There's an article on PC World which talks about Microsoft's plan to give Asia's largest hackers conference an inside look at the new security features in Windows Vista this coming September." From the article: "The Hack In The Box conference will host two speakers from Microsoft. The first, Dave Tamasi, a lead security program manager at Microsoft, will give a presentation on security engineering in Vista. The talk will include a discussion about features suggested by hackers and other security conscious members of the computing community, in addition to security improvements made on Vista. The second speaker, Douglas MacIver, a penetration engineer at Microsoft, will review Vista's BitLocker Drive Encryption and the company's analysis of threats and attempts to penetrate the security feature."
Reminds me of home made encryptions (Score:2, Insightful)
When no one does, the company calls his product uncrackable. These events and claims are without credibility, security doesn't get manufactured this way.
The never ending story (Score:5, Insightful)
Windows Vista: most secure version of Windows yet (Score:4, Insightful)
Re:The never ending story (Score:5, Insightful)
If I hang 2000 padlocks on most of the 2200 doors of my house, it will be the most secured in the whole neighbourhood. Not more secure than the guy across the street, with front and back door, one good quality lock in each, and good windows of break-proof glass.
Windows is too big to be secured whole, it has too many dependencies on insecure behaviours of programs, the security too often stands in the way of usability and as such will often be disabled or neglected. If you need to type admin password 50 times a day to perform quite simple (though potentially remotely risky) tasks, you will type in the 51st time when a trojan asks you to do so.
Re:Reminds me of home made encryptions (Score:5, Insightful)
You do realize BitLocker isn't about some "home-brewed" encryption algorithm, right? It uses standard encryption algorithms (256 bit AES for example). The "invent" part here is how this standard encryption is used. From hardware, boot process, drive access, etc. Here [microsoft.com] is a good place to start for a basic overview.
offer $100,000 or so to anyone who can crack it
Didn't see that in the articles.
When no one does, the company calls his product uncrackable. These events and claims are without credibility, security doesn't get manufactured this way.
True. If ANY company says ANY product is uncrackable, they are full of it and/or marketing is having too much of a say in their message. However, again I'm not seeing any claims like that in any of the links. Am I missing something?
Re:There's only one possible outcome... (Score:2, Insightful)
Re:Reminds me of home made encryptions (Score:5, Insightful)
Specifically, my issue is with the "It appears Microsoft is really going all out to get Windows Vista secured before its release date in 2007." sentence, and that somehow presenting a system for security experts would make it more secure, as a direct causality.
Security is not a product, it is a process. If one chain in the link fails, the whole chain fails. And MS can continue to give presentations about their system and abstract design concepts, and if security experts spot weakness in the design they can tell all about it to MS, but it's throwing peas at a wall. They never listened, and I see no reason why they would listen. This is just a cheap PR stunt to reassure some less in-the-know folk. That is why I compared the situation to the example in my original post. It has nothing to do with encryption. Encryption isn't the issue. Design, security principles and how MS responds to security issues are.
welcome to the real world (Score:4, Insightful)
There's a 95% probability that Vista will fall into the same traps, and will be just about as insecure as any other Windows because of these problems and because Outlook still executes binaries sent by mail, and users can still be tricked by calling your virus.exe virus.jpg.exe and providing the proper icon.
(the other 5% are that Vista doesn't ship at all)
I think the blame would hit a different target (Score:4, Insightful)
Yes, it simply "does not pay" to dig into Linux insecurities. What for? First of all, there are very few "clueless" users. Linux still has the "geek system" halo, users that consider themselves "normal users" without any ambitions to run servers or who just want to browse the web and write the odd letter or two won't even go near it.
And they tend to be the prime targets for spammers, trojan injectors and other malware. The clueless, gullible people.
But let's assume, just for a moment, Linux was the dominant system. Let's say it had a nice, clean user interface that lets even the most inapt monkey set it up and use it. Then we would, of course, start to see a lot of Linux based malware.
In Linux, though, you can actually implement a complete, useful and enforceable security model. You can use every kind of software that you might need without compromising the security of the whole system. Something that is by its very design impossible with current versions of Windows. In short, it is not necessary to give the average user administrator privileges, something that is simply a necessity in Windows with a fair lot of programs.
I guess, were Linux the dominant system, the blame would shift. From the system, as it is now, to the clueless user who dared to go online as root.
Re:No good (Score:1, Insightful)
Whoever modded parent "Insightful": Please shoot yourself. Thank you.
Re:Reminds me of home made encryptions (Score:1, Insightful)
Re:The never ending story (Score:5, Insightful)
Regarding DNS, I'm not sure what you actually mean here. The DNS client and DNS server are services, but they are not in kernel. A Windows service does not mean it's in kernel mode. Winsock itself has some kernel thunking, and as name resolution is generally done through Winsock, that might be what you mean.
Security? (Score:3, Insightful)
Re:The never ending story (Score:3, Insightful)
basics (Score:2, Insightful)
Re:The never ending story (Score:4, Insightful)
Do you have any proof at all to back up that assertion?
I've seen it repeated time and again here (especially with regards to IE), but have never once seen any proof.
Re:Reminds me of home made encryptions (Score:3, Insightful)
And they aren't talking about abstract design concepts, they're presenting how their system works, at a conference of security experts; they want feedback on their implementation. But let's just keep trotting out the party line, shall we? A beautiful mind indeed...
It's time to dump most of the legacy code (Score:4, Insightful)
Re:No good (Score:5, Insightful)
I for one am sick of this argument, because it simply isn't true. It IS possible for the primary OS publisher out there - be it Microsoft or someone else - to release a secure OS for the masses. While being top dog does expose you to the most flak, it doesn't a priori prevent you from doing a good job in the first place.
fundamentally flawed (Score:3, Insightful)
Re:I think the blame would hit a different target (Score:3, Insightful)
Additionally, you are allowed to inject arbitrary code into whatever program is currently running. You are able to inject your code into the memory space of, say, explorer.exe and force it to run your code as a thread.
The first could, technically, be cured. You could rewrite some of the functions to work with privilege levels instead of requiring a user of the admin group. Even though I don't really think it would solve a lot of problems, since too many Windows users are already too used to running as Admin 'cause it's the only way some programs work at all, and many don't want to deal with the hassle of finding out which privileges their DVD-Writer or their USB-Devices need. Just turn on Admin and it works. MS would have to provide some way of a "learning permissions system" here, where, akin to some "learning" packet filters the system would ask you things like "I've noticed you're trying to do XXX, this is currently not possible because of YYY, if you want this to be allowed, gimme your admin password and I'll set the necessary privileges for this user, if not just hit disable".
This won't solve the more serious problem, though. You cannot simply "turn off" the ability to inject code into foreign memory space, for this would disable a few critical programs of the Windows OS itself. You can't turn off admin privileges to the user running them either (and let them run as system owned services with different permissions), because that would not increase security (if it is possible at all, a few programs can ONLY run sensibly when run as the current user).
But the more serious problem Windows is facing is the possibility to inject code into a foreign process. My guess is that it was a stopgap solution for services that relied on the weak memory protection of earlier Windows versions that could not be rewritten in time. It is a huge security problem, and a lot of malware makes very creative use of it. You can't simply remove the ability to do that either, or the system simply and plainly blows up and a lot of very useful debugging tools will cease to work.
The only way to remedy that would be to redesign the permission system and the way memory protection works, as well as the programs that were leftovers from the earlier, more insecure, times that rely on these insecurities, and thus close those gaping holes altogether. Patching this simply does not work.
I can only hope that in Vista they did just that. The time it took to develop the system suggests it.
A forward-thinking hacker... (Score:2, Insightful)
COM and DCOM (Score:2, Insightful)