Windows Vista still Rife with Insecure Code

osxpetition writes "As noted in a News.com article, Symantec researchers have been testing the latest Microsoft Windows Vista build (Beta 2), and have found that the code is 'complete with new corner cases and defects' in the networking component. Symantec describes how Microsoft scrapped the old networking stack code from Windows XP in favour of newer, rewritten code. 'Microsoft has removed a large body of tried and tested code and replaced it with freshly written code.' Since January 2002, Microsoft has put a stronger emphasis on protecting PCs by attempting to implement stable, secure code into Windows XP and their new operating system. This latest report from Symantec brings attention to Microsoft's trustworthy computing campaign, and shows how it will be a long way before it is ready for the mainstream."

beta

[baldass_newbie]

It is still beta, right?

And we...

[vwjeff]

have a solution that will "protect" you.

I would like to know

[giorgiofr]

I would like to know If the so-called shatter attack still works in Vista. If it does, no amount of privilege limitation can help you.

Is this news?

[brennz]

Marketing deadlines always trumps everything else, except for OpenBSD and maybe Linux kernels. Curiously, both have dominant but benevolent personalities in charge......

However

[also-rr]

This may not be a bad thing.

I am much happier with well laid out, structured and simple code that has X rate of defects than well polished over the years, old, cruddy and complex with X rate of defects because with the former:

Fixes will be faster.
Fixes will be easier/cheaper.
Fixes will be possible!
Bug fixes will have less chance of introducing new bugs.

Given time we can then be sure that we will end up with... err well polished over the years, old, cruddy and complex. But it probably won't be as bad as if the process never happened in the first place.

So

[kevin_conaway]

So they're saying that beta software still has bugs in it?

I don't think its particuarly fair to be making these public accusations at this time. I'm sure the developers appreciate the testing, but an article to CNET seems a little too much

Conflict of Interest

[Ryan C.]

OK, so Symantec makes money selling products that patch up problems with Windows OSes. Microsoft trying to put them out of a job. I'm not saying Vista is really achieving this goal, but what sort of report did you expect from Symantec? "Wow, this Vista really makes our products unnecssary"!

FUD. At least they learned Microsoft's greatest marketing strategy.

Another way of saying it

[Aqua_boy17]

and shows how it will be a long way before it is ready for the mainstream

In other words, wait until at least SP2 is released before even thinking about upgrading. That's how I read it anyway.

Semantec's attempt to reassure stockholders

[Bill_the_Engineer]

Isn't it to Semantecs best interest to generate demand for their product by creating uncertainty when it comes to OS security. They did this to linux too...

Granted Microsoft may be using new code, but that doesn't necessarily mean it's more insecure than the current network stack.

Let's see what the non-beta software looks like, and see what a independent lab reports.

Bill

Re:I wish I could mod this story -1 Redundant.

[andrewman327]

You beat me to it. Absolutely true. Just about any extremely popular piece of software will never be completely secure, especially if it is from Microsoft. To be fair, however, the new networking code has not had any attacks yet, and should momentarily (long enough for the PR machine to take advantage of it) benefit from security though obscurity as hackers scramble to find its holes.

Re:However

[Yohimbe]

Actually the old code might be better. And I don't defend blindly.

It has been my repeated experience that "Cruddy and complex" code is that way because the problem space is cruddy and complex and thats what bugfixes do to code.

You throw out that complexity and you throw out accumulated knowledge. I have yet to see a second system or third or fourth that managed to keep the bugfixes of the previous system. These issues return and they are accompanied by new ones.

In this case there might be a reason to thow out this particular baby with this particular bathwater: the only thing that new code gives you is resident experts on the new code. If you have staff turnover (Which MS always does), they may have already lost the resident experts on the previous design.

So that brings up the next point: MS may now be jumping its proverbial code shark: They've not increased in price in 3 years: stock options are worthless, they're losing people, and the hardware vendors are saying "When are you going to get us a decent 64 bit system?". They can't seem to ship secure code and now they throw out working subsystems, possibly because they've got a brain drain. MS owns the office market, but they're starting to really fall behind in shipping modern security at the OS level.

Re:I would like to know

[YU Nicks NE Way]

Actually, it is not a "grave design error". A properly designed service should have no window handlers in the privileged process, and should communicate with any other process through a shared memory interface. The desktop is the security boundary on Windows for window messages, not the window.

Windows Defender anyone?

[DoubleRing]

I'm thinking Symantec is feeling the heat from Windows defender. Once people have that, a large number of people will probably be too unconcerned or too lazy to bother installing a different virus program. Symantec cannot be trusted for a neutral veiw (NPOV comes to mind).

Re:So

[Anonymous Coward]

"So they're saying that beta software still has bugs in it?"

No, they are saying that the new network stack for Vista is a security problem and probably will remain one in the future.

Really, this "but it's still a beta" excuse is incredibly lame and stupid. MS wrote a whole new network stack for Vista, symantec now tested it in a beta that is very late in the release cycle and found severe problems.
And your reaction is to simply whine because it's a beta? How silly can you get?

Re:You joke, but

[HoboMaster]

Jeez man, paranoid much? You really think Microsoft could care less about most of these countries? They won't respect their court rulings, but they allow not just one, but multiple, back doors to be programmed in? And why would they do that? What is Microsoft getting out of the deal?

DA GUBBERMINT WANTS MAH TEEFS!!! RUUUN!

Bye Bye Corporations

[nbannerman]

Ok, I run a network in education, but I can imagine Network Mangers banging their heads into walls already. I think I've got my network locked down enough to cover most of the bases, but seriously, can anyone really say they are looking forward to rolling out Vista across an entire network? I understand network / computer security companies have a vested interest in showing there is a need for their product, but they are not the only ones suggesting Vista is going to be a nightmare.

Re:You joke, but

[Clover_Kicker]

> hey won't respect their court rulings, but they allow not just one, but
> multiple, back doors to be programmed in? And why would they do that? What
> is Microsoft getting out of the deal?

(dons tinfoil hat)

A free ride on the court rulings?

Re:I would like to know

[jacksonj04]

Because it would break a lot of apps. Vista has been set as somewhat of a milestone in the "This *will* break some compatability" aspect, with new permissions, directory structure etc. etc. it's a good point for MSFT to put the foot down and say "Follow these procedures or your app won't work."

Whether they will or not is yet to be seen.

Re:beta

[Alkrun]

I wonder... if the same report was written about a 2.[Odd] version of the Linux Kernel that was 6 months away from release would the title of the /. article be quite so harsh? Of course not. But this is /. where penguins rule the skies.

Emphasis

[tonyr1988]

Since January 2002, Microsoft has put a stronger emphasis on protecting PCs by attempting to implement stable, secure code into Windows XP and their new operating system.

Why haven't they been ALWAYS using stable, secure code?

They've been too busy with cool stuff [softpedia.com].

Except this should be perfect.

[kinglink]

This isn't Beta code, this is a public beta, the current name for what was originally called "Gamma". Aka, the stuff right before release.

This isn't a problem if the problem you find is a minor thing where if you click on a button it crashes only if you have a ATI card that was made in June 2005.

This is a problem if the majority of code, that has been rewritten from near scratch has major flaws that would take another full rewrite to get rid of (or years of critical updates). Vista is supposed to be the reinvention of Microsoft security, however this isn't secure. This isn't a "we're still adding features" problem this is a critical flaw at the core of the system.

Re:I would like to know

[Keeper]

The reason why it isn't considered a security flaw is that you can only send messages to windows that are in your current desktop session -- ie: you can't gain privleges that that user doesn't already have. Or put another way, whatever you sent via window messages could have been done in the calling process.

Re:Before the MSFT bashing commences

[Cal Paterson]

You idiot. You do not rewrite a whole networking stack in the time between beta and release. The whole "it's only beta!" excuse only holds up for fixing trivial mistakes, not poor design concepts.

Please THINK before you post.

Re:Fun-factor

[cnettel]

To be fair, the original design of NT networking was focused on IPX and NetBEUI. The bandwidth was 10 Mbit. If you routed in several steps, you didn't expect minimal latencies. You were also supposed to kind of trust the traffic on the network (no SYN attacks or stuff like that.) IPv6 on current Windows versions still has "it will kind of work" status. You don't start with MS-DOS and end up with XP. You end up with Me. Rewriting something because the old version is broken is highly unwise. Rewriting something because the old version is unappropriate for what you currently use it for might make sense. I remember the JWZ article and he talks about all the hidden assumptions you've found through hard work and how those are an essential value in the current codebase. If enough of those assumptions are not true anymore, it can make sense to rewrite something.

Re:You joke, but

[causality]

I think you perhaps need to take some lessons in critical thinking. This is the equivelent of saying, "The only reason auto-manufactuers put problems into cars so they have to recall them is because the government makes them, which is why Japanese cars are better than American cars."

My critical thinking skills tell me that this is a false analogy because the government has no incentive to make automobile manufacturers issue recalls, and really the attorneys and enforcement and regulations involved would make this nothing but an expense for the government. When consumer protection laws are enforced, the governmental officials involved can at least claim that they are doing this to benefit the public, even when doing so does further someone's personal agenda.

The situation as described by the A.C. is where the government requires backdoors so that its own governmental snoops (law enforcement and possibly more shady, less accountable organizations) can easily access systems that would otherwise be difficult to access due to security protections. This directly benefits the government because it makes their legitimate law enforcement job easier and it also makes less legitimate ventures (potential data mining, eavesdropping, etc) much easier and has the nice side-effect of eliminating some of the need to do old-fashioned police work. This scenario certainly does not benefit the users of Microsoft software and so the intent shown is nothing like your analogy. If this is actually happening, then this is a very dangerous precedent for two reasons: One, if the government can use such a backdoor, so can anyone else who learns of it; two, the job of law enforcement was not intended to be easy and efforts to make it an easy job immediately preceded the rise of most totalitarian states that existed during the 20th century (at the risk of invoking Godwin's Law, Nazi Germany and the USSR did not take place due to powerless and ill-informed police forces).

Further, when speaking about Windows you are dealing with proprietary, closed-source software. You and I simply do not know with 100% certainty whether or not there actually is such a backdoor in any of the Windows code, nor do we know what agreements Microsoft has made with which governments. What you can know is that we are in an era where privacy is on the decline and law enforcement powers are increasing, and being able to easily access over 90% of all desktop computer systems does fit the stated purpose of programs that we do know about, such as the NSA wiretap program. To say that we already know about every possible threat to privacy and that the statists who desire this kind of surveillance are now satisfied and will not be seeking further powers is a lofty claim indeed. Study history and you will observe that the USA has a bad case of "it can't happen here" regarding foreseeable abuses of power.

Also, unmotivated programmers and undocumented backdoors are not mutually exclusive. It is possible that they both contribute to the sad state of security in Microsoft's code. It is also possible that neither are true and that some third factor (such as program design being dominated by marketing and forcing otherwise good programmers to work within these parameters) can explain the lack of security. But to observe that the possible existence of unmotived programmers could explain the situation and then claim that this is a valid reason to dismiss other arguments out-of-hand does not fit the spirit of critical thinking that you mentioned earlier.

But it does indicate that maybe, just maybe, you live in the USA and are in denial about the direction towards which it is headed.

Re:Vista has been improving...

[colmore]

I think the early 2007 one is going to be some sort of "Vista ME" to business customers they're now saying Q4 2007, which is I guess when the non-beta will be sold to the public.

Never buy a 1.0 product from Microsoft.

FUD?

[Jugalator]

Windows Vista still Rife with Insecure Code

So, point me to the place in the article which says something is still rife with insecure code?

Well, of course, there'll be securite holes in Vista too, like most other OS's, but I'm not sure that's what the article means? It seems someone somewhere have come to the conclusion that there are still major problems with it and I just, darned as much as I try, can't find the place in the article.

It seems to me Symantec only speculates, as Vista will have a new network stack?

But then, Symantec themselves say:

"We're not saying that Vista's network stack is going to be inherently insecure when it is released," Oliver Friedrichs, director of emerging technologies at Symantec Security Response, said in an interview Monday.

So, which is it, and is the article just spun like this on Slashdot because it's Slashdot?

Re:beta

[kimvette]

Linux users need to stop comparing their OS' state to that of a five-year-old version of Windows.

Okay, compare it to the current release of Windows.

Oh, what's that? The newest release is Windows XP OEM SR2? Essentially a five-year-old OS with a few patches?

I guess it IS a fair comparison then, after all. Come make that same argument this same time next year if both:

a) Vista has shipped
AND
b) Folks are comparing Linux to XP rather than Vista

at that point. Until then, XP is the only valid comparison, unless you want to talk servers in which case Windows 2003 would be the logical comparison point.

Eyecandy.

[jotaeleemeese]

The discussion is about security kid, we all know that MSV is going to be shinny, have new colorful icons and have a nice wallpaper.