Forgot your password?
typodupeerror

64-Bit Vista Kernel Will Be a "Black Box" 402

Posted by kdawson
from the abandon-all-hope-ye-who-ener-here dept.
ryanskev writes with news from RSA Europe, where a Microsoft VP spoke bluntly about the lock-down that will apply to 64-bit Vista. From the article: "Microsoft will operate 64-bit versions of Windows Vista as a tabernacle, with the kernel as the holy of holies, where only its own high priests of security may venture." While Microsoft has seemed to be making some concessions to the likes of Symantec and McAfee, considerable doubt remains as to their ultimate future.
This discussion has been archived. No new comments can be posted.

64-Bit Vista Kernel Will Be a "Black Box"

Comments Filter:
  • by Zeinfeld (263942) on Tuesday October 24, 2006 @07:14PM (#16569956) Homepage
    Sounds like the right approach to me. We will soon find out whether Symantec and McAfee are helping or hindering security.
    • by Coopjust (872796) on Tuesday October 24, 2006 @07:27PM (#16570118)
      Either way Mcafee & Symantec will claim that it was needed later, simple business.

      If the new model seems to be secure, Mcafee and Symantec will boast about how they've kept the next generation of Windows safe.

      If the new model is less secure, McAfee & Symantec will "point out" the need for their products.

      Win win for AV companies...
      • by smitty_one_each (243267) * on Tuesday October 24, 2006 @07:39PM (#16570276) Homepage Journal
        MicroSoft has historically, and cleverly, built the market by putting out, shall we say "minimalist" interfaces and then let third parties do the grunt work of establishing the product category.
        If the category becomes profitable, Mr. Softy can "find the principle, and buy him[1]"
        You see this in tools, as Redmond pushes a Visual Studio release, and little third-party vendors groan as thier value-added kits have their coolness reduced by new chrome and tailfin on the library widgets. I'm guessing that there will be suffiecient room to put some polish on 'Doze.
        Too, there are going to be plenty of people that puke at the odious licensing policies, and stick with the tools that have helped them limp along thus far.

        [1] To quote my personal favorite Redmond Sales drone, on the consumption of Groove Networks.
    • Re: (Score:2, Interesting)

      by PieSquared (867490)
      I get the feeling it will end up that Symantec and McAfee products will be able to replace the default windows security, but since the windows version is free and just as good there will be no reason to pay and security vendors will fade into obscurity. About two years later, after the old security vendors are all dead, the windows security will stop getting major updates and ten years later (shortly before they release the next version of windows) free, open source replacements that are disadvantaged from
      • by MrShaggy (683273)
        The above replier made a great point.

        Either OpenSource or a MAC solution. I think that it will be mac.

        We just bought an iMAC and its the best of both worlds, in-my opinion.

        reasonably stable, yet pretty enough for the Chicky.

        Mac has years of marketing, and a slow build. Maybe if they did forget about the hardware and just license the OS, as some have suggested, it would push MS away.

        firefox kicked their assess with the better browser. Mac could do the same with the better platform.
        • by jZnat (793348) *
          It's "Mac", not "MAC". MAC is an acronym: Media Access Control [address] [wikipedia.org]. Mac is short for Macintosh.

          And Apple makes most of its money from selling hardware, so I sincerely doubt they'll drop that and try to squeeze money out of selling an operating system exclusively.
        • Re: (Score:3, Insightful)

          by quanticle (843097)

          firefox kicked their assess with the better browser. Mac could do the same with the better platform.

          How has Firefox "kicked their ass"? I'm not trying to defend IE, but last I saw, it still had nearly 90% of the marketshare. That's the kind of market domination that many companies would kill for.

          • by MrShaggy (683273)
            Simply put, the only reason that MS is even doing any upgrades is because of what firefox and others have done. MS has been caught resting on their laurels as it were. The idea was that a smaller set of companies were shining lights on the glaring issues that windows has. MarketShare is only a small meter, compared to it's influence. Netscape was the only browser to seriously challenge MS. Mac only has a small market share as does Linux. Does either of these feel any less important ?
    • by QuantumG (50515) <qg@biodome.org> on Tuesday October 24, 2006 @07:37PM (#16570254) Homepage Journal
      I'm trying to understand what you're in favour of here (and what the article is all about). As I understand it, Windows Vista 64bit Edition will simply not allow kernel drivers to load unless they are signed with Microsoft's private key. Which means that you'll need to either exploit kernel bugs to load your own code (which they'll plug eventually) or boot off a CD and patch the kernel files on disk to disable this checking (which will be hard to do without destablizing the whole system). If that's what we're talking about (and I have no idea if it is) how can you possibly be in favour of it? I mean, it sounds like The Right To Read [gnu.org] all over again.
      • by Zeinfeld (263942) on Tuesday October 24, 2006 @08:01PM (#16570560) Homepage
        As I understand it, Windows Vista 64bit Edition will simply not allow kernel drivers to load unless they are signed with Microsoft's private key. Which means that you'll need to either exploit kernel bugs to load your own code (which they'll plug eventually) or boot off a CD and patch the kernel files on disk to disable this checking (which will be hard to do without destablizing the whole system). If that's what we're talking about (and I have no idea if it is) how can you possibly be in favour of it? I mean, it sounds like The Right To Read all over again.

        Thats exactly what I want. I do not want to have any software patch the kernel.

        If there is no way for the spyware to patch the kernel I don't need McAfee or Symantec there at all. First thing I do with a new home machine is to strip off the AV software provided by Dell as cramware. Machines run so much faster and more reliably without. Then I turn off AutoRun and hook it up to my internal network which has twin SPI firewalls.

        I have never had a virus but I have had machines go wonky because of buggy AV code.

        I want to have as few kernel mode device drivers as is possible. Printers should not require kernel mode, nor should video cameras etc. Only the bare essentials talking directly to the DMA interfaces should ever use kernel mode.

        I don't need to run my code in kernel space and I don't think anyone else does either.

        • Re: (Score:3, Insightful)

          by Ed Avis (5917)

          I do not want to have any software patch the kernel.

          That's your choice, and since it is your computer you should have the right to decide what gets loaded into the kernel and what doesn't. But what Microsoft is doing is different to that. They are saying that they get to decide what gets loaded into the kernel and what doesn't. So if you or anybody else want to load your own device drivers, you can't. On the other hand, if Microsoft decide that some kernel feature is needed - say, blocking the ability

      • by gkhan1 (886823)
        I would rather they went with the linux model of advanced permissions and a (seldom used) root account that had permission to everything, but I see this atleast as a vast improvement over XP. Imagine how much harder it must be to make a rootkit for a kernel that's locked down this way. It's probably not impossible (well, if you modify the system from outside the system, it's certainly possible), but it has to way, way harder.
        • Re: (Score:3, Insightful)

          by QuantumG (50515)
          kernel overflows.. same way you modify a linux kernel after it's had the "no more modules may be installed" bit turned on. See, it's really easy for hackers, they just grab the latest kernel bug that has been found and plug it in to their rootkit. Same with dodgee spyware people. But legitimate software developers can't do that. It'd be unethical.
          • by gkhan1 (886823)

            Well, yeah, so you can do it, but it is a hundred times harder. Those kind of bugs do get patched, and the hackers need to constantly look for new ways in, lest their code be obsolete. The XP core you could just modify willy-nilly without anyone caring, but this time it is atleast protected.

            This feels like one of those issues that MS just can't win in the geek-community. If they left it open, you'd be complaining that it is insecure. If they lock it down, you complain that their locking third parties out.


    • Correct me if I'm wrong, this lockdown only applies to the 64-bit versionof Vista, and that in the 64-bit version of XP the kernel is locked down in a similar fashion? If so, I don't see why Symantec and Mcaffe are making such a fuss?

      Furthermore, 64-bit vista looks like it will have the same enterprise level demographic (db/web servers and such). So it's not like Symantec's core business is being threatened. It looks like they're just playing this up so for the EC to leverage over MSFT.
      • by 3770 (560838)
        They are making a fuss because their livelihood is on the line. Not necessarily because they are right.
    • This is all well and good for Microsoft to say "No access to 64 bit Kernel!".

      But two questions come to mind:

      1) If other A/V companies can do A/V software without kernel access, why do McAffee (or as some other slashdotter erroneously called it, McCafe) and Symantec need kernel access? Why are they so special?
      2) Does Windows Defender/OneCare have kernel access, Microsoft?

      I would expect that the clear best answers in a perfect world that we probably won't get are:

      1) They don't, they're bastard parasites with
      • Re: (Score:3, Informative)

        by omicronish (750174)
        1) If other A/V companies can do A/V software without kernel access, why do McAffee (or as some other slashdotter erroneously called it, McCafe) and Symantec need kernel access? Why are they so special?

        In case people are wondering, yes, 64-bit Vista anti-virus software exists. See this post [microsoft.com] for details.

  • by Anonymous Coward on Tuesday October 24, 2006 @07:15PM (#16569960)
    I know this isn't PC to say on Slashdot.. but MS shouldn't allow undocumented hooks to the kernel. Instead they should provide an API for that.
    • Re: (Score:3, Insightful)

      by Anonymous Coward
      That'll lead to ugly hacks when the developers find that the API either doesn't allow them to do what they need to do, or it's otherwise buggy and needs to be worked around.

      It's enough trouble writing solid modules for the Linux or FreeBSD kernels, and the source code to those is open and widely available. When your module code runs into problems, you can easily see what's going on in other portions of the kernel. It's a very, very useful debugging tool.

      Now take this Vista kernel API you speak of. It'll end
    • So why not provide that API to intercept system calls? This is very important when debugging, and pirating software.
  • I'm confused (Score:4, Insightful)

    by maynard (3337) <j.maynard.gelina ... m ['il.' in gap]> on Tuesday October 24, 2006 @07:17PM (#16569982) Journal
    Fathi conceeded for 32-bit systems the firm will never have the amount of control over security. He said: "That train has left the station."

    For 32-bit versions of Vista, it'll be mostly as you were on security. Developers will be able to patch the kernel, only now they'll have to compete with Microsoft's own brand anti-spyware, encryption, and anti-spam offerings. Fathi lamented Microsoft had "missed a great opportunity" last time round.

    What's the difference between the 32 bit and 64 bit kernel? And what does a 'tabernacle of security' mean?

    I don't think there's a significant difference in DRM hardware between 32bit and 64bit systems. Why make the distinction? If they're going to secure Windows - why not secure Windows?
    • Mainly that it being 64-bit they are garunteed its a newer system and that they don't have to support a lot of legacy junk.
    • Re:I'm confused (Score:5, Informative)

      by phantomcircuit (938963) on Tuesday October 24, 2006 @07:24PM (#16570074) Homepage
      The only way to run kernel code is drivers, 32 bit drivers are currently only sometimes signed. ALL 64 bit drivers must be signed, or they won't be loaded. This is why there is a distinction between 32 bit and 64 bit Vista.
    • by ameline (771895) <ian.ameline@gmail . c om> on Tuesday October 24, 2006 @07:24PM (#16570078) Homepage Journal
      > And what does a 'tabernacle of security' mean?

      It makes sense if you think of it in the typical French Canadian usage of the word Tabernac! :-)

    • Re:I'm confused (Score:5, Informative)

      by Foolhardy (664051) <csmith32@gmail.MONETcom minus painter> on Tuesday October 24, 2006 @07:25PM (#16570096)
      The main reasons they aren't implementing the same thing in 32-bit Windows is because of "limitations of the 32-bit architecture" that apparently don't let them do what they want, and since a lot of programs already patch the syscall table in 32-bit windows, it'd break compatibility with a lot of software to change it now. Binary compatibility for drivers that patch the syscall table on 64-bit Windows isn't an issue because 64-bit Windows for AMD64 has always prevented syscall patching. They figure that the 32->64 bit change is big enough to pile on some more changes, like this.

      This has more to do with system stability than it does for security. Many syscall interceptors are not multiproc safe or do bad things: if the computer bluescreens because of a poorly written syscall interceptor, Microsoft gets blamed for writing unstable software. The syscall interface is considered an internal interface, not to be tampered with by outside parties because its behavior has subtleties not documented, and could change. This is a technical enforcement of that policy.
      • Re:I'm confused (Score:4, Informative)

        by TheRaven64 (641858) on Tuesday October 24, 2006 @07:40PM (#16570294) Journal
        Actually, the 32-bit model is better in a lot of ways. One of the ways AMD 'tidied up' the x86 instruction set with x86-64 was to get rid of the four ring model and move to a privileged/unprivileged model. They also threw away the segmented addressing[1]. This means you can't run a driver in ring-1 or 2 with its own segment and prevent it from accessing the kernel's segment but still let it have direct access to a device, which is possible with IA32. Of course, Windows NT didn't use this model in recent releases (it might have done in the 3.5 days; I can't remember), but OS/2 and later versions of Netware did.


        [1] By the way, the Wikipedia x86-64 article is horrendously biased, and just plain wrong in this area to such an extent that I can't even be bothered to fix it. Apparently Minix 3 is not a 'modern operating system,' and the creators of Xen do not fall into the category of 'modern' in terms of operating system thought.

        • by Foolhardy (664051)

          Windows NT didn't use this model in recent releases (it might have done in the 3.5 days; I can't remember)

          It never did, and there were never plans to. NT 3.5 was written in C (minus the HAL and a few parts of the kernel, which are assembly), and was source-compatible with Alpha and MIPS, neither of which support more than two privilege modes. Cutler wouldn't let the kernel become non-portable enough to depend on multiple CPU privilege levels. The kernel is designed such that any kernel mode code can derefe

    • by merreborn (853723)
      I think the answer is backwards compatibility. These changes will break backwards compatibility with many legacy 32-bit apps. However, I believe the assumption is that 64-bit users aren't expecting backwards compatibility anyway.
      • by rts008 (812749)
        I think the move from backwards compatibility and legacy support has a lot to do with this.
        As painful as it may be for a lot of folks, at some point in time they have to get out of the hole they have dug theirselves into. I hear a lot on /. about how MS has to change their coding to make it more secure/better, often in direct comparison to Linux.

        I'm not an MS fanboy, but at least they are trying to do just that. IMHO, application installs should not mod/join the kernal. I like they way this is implemented i
    • what does a 'tabernacle of security' mean?

      Only the priesthood and those among the flock that they approve are allowed in.
    • Re: (Score:3, Funny)

      by Blakey Rat (99501)
      The tabernacle was the name of the computer in the Sean Connery classic movie "Zardoz": http://video.google.com/videoplay?docid=7328510519 873373264&q=zardoz [google.com]

      As you can see from the trailer, the Tabernacle is indestructible and ever-lasting. So it's a good choice.
  • "Concessions to.." (Score:5, Insightful)

    by MoriaOrc (822758) on Tuesday October 24, 2006 @07:19PM (#16570026)
    Am I the only one who read the line "Making concessions to Symantec and McAffee," and the first concessions that popped into my mind were "Just a little security hole here, buffer overflow there, ect."

    I'm no fan of MS, especially when it comes to their horrible security track record. However, if they really can manage to get it right (or even significantly better) in Vista, they shouldn't be going and making concessions to the people who've been making a living off the things that were broken in their last OS.
  • by ezratrumpet (937206) on Tuesday October 24, 2006 @07:20PM (#16570034) Journal
    Microsoft wants to be responsible for its own security - more importantly, Microsoft wants to reap the financial rewards for becoming responsible for its own security. The personal home user will end up paying a bit more for lack of competition in security software, which won't matter to Microsoft - the real market is corporate sales.
  • Microsoft will operate 64-bit versions of Windows Vista as a tabernacle, with the kernel as the holy of holies, where only its own high priests of security may venture.

    There's going to be a kybosh on naughty developers mucking about with the 64-bit kernel; patching will be banned.
    MS doesn't want any outsiders to see the priests molesting the kernel.

    /Yes, I went there.

    • ...where only its own high priests of security may venture.

      Actually, their metaphor is making me think Aztec/Inca monuments and sacrificial altars with blood and human hearts... After all, it is Microsoft. Or perhaps I'm thinkin' Arby's.

      Oh yes, I went there and there.

  • Good luck (Score:2, Insightful)

    by gweihir (88907)
    Others have tried this before. Never works. Unless it uses trusted hardware, it can allways be run in emulation to facilitate analysis.

    If it uses trusted hardware, then it will have other serious problems, like making virtualisation hard or impossible, something that could make it fail entirely in the market.

    This tough act is just a smokescreen for something else. Hmmm. Do they think they could get around some (e.g. EU) interoperability requirements that way?
    • ...but could you cite some examples?

      TIA!

      • Re: (Score:3, Insightful)

        by gweihir (88907)
        ...but could you cite some examples?

        One thing would be the Xbox hack, although that involved an attack on the hardware as well.

        There are counless successful projects to port Linux to some closed (i.e. black-box) hardware.
  • by 49152 (690909) on Tuesday October 24, 2006 @07:26PM (#16570106)
    Isn't this just another variation of security by obscurity?

    Which everyone by now should have learned does *not* work.
    • Isn't this just another variation of security by obscurity? Which everyone by now should have learned does *not* work.

      Actually it does work. Where people go wrong is using it as their sole security measure. In concert with various other good practices obscurity is good.
      • by Chris Burke (6130) on Tuesday October 24, 2006 @09:38PM (#16571408) Homepage
        That's partly true*, but the reason that security through obscurity is derided is because it is typical of a mindset that has implications beyond just using obscurity as a security mechanism on top of other well-formed policies. Very often, obscurity is the only measure used, in large part because of a lack of substantive review of the other security policies that would reveal their endimic flaws. The belief is "what others don't know can't hurt us". Even worse is that "others" is often not "black hats" but "customers".

        The NSA is a good example of an organization that uses security through obscurity well. They employ the best cryptographers and system designers around, but they are also not about to tell anyone how those systems work. If you did know exactly what they were doing, though, you would still find them to be some of the most secure systems anywhere.

        Microsoft, on the other hand, has a history of using obscurity as a method of covering up embarassing security flaws. They do not have a history of having the best security. Do I think that Microsoft intends to hide the internals of their kernel as part of a comprehensive security regime in which obscurity is only the last layer thus making Vista an impregnable fortress, or is this an attempt by Microsoft to squelch competition from other AV vendors under the guise of fixing their tarnished security image? Well, it's obvious what I think. Which do you think it is?

        * The fundamental problem with security through obscurity is that you can't count on it. Either a clever hacker will figure it out, or an insider will leak or exploit information about the system. Your system must be as secure as you know how to make it assuming that your enemy has full knowledge of the system. Only then does layering obscurity on top of that make sense as an additional mechanism. Otherwise it's a false sense of security.
    • by gweihir (88907)
      Isn't this just another variation of security by obscurity?

      Which everyone by now should have learned does *not* work.

      Looks very much like it. Reinforced by some chest-thumping and bluster. Maybe they hope they can scare hackers off....
    • Re: (Score:3, Insightful)

      by misleb (129952)
      Preventing programs and drivers from tampering with internal OS structures is not security through obscurity any more than preventing people on the internet from accessing your computer directly (firewall) is security through obscurity.

      -matthew
  • Don't open it! Remember what happened to Pandora!
  • Joe Blow (Score:5, Funny)

    by Ice Wewe (936718) on Tuesday October 24, 2006 @07:28PM (#16570134)
    64-Bit Vista Kernel Will Be a "Black Box"

    Microsoft also warned 32-Bit users to be careful, because if you run the 32-Bit version, you're screwed

    • Yup. Like parent, I detect MS putting a PR spin on this. They've done this often enough in the past - telling people that the old stuff was crap to get people to but the new.

      Given that Joe Public no longer believes MS has control over security, they need to build some new mental images to sell. 64-bit black boxes sound pretty solid.

  • Sayonara, Symantec (Score:5, Insightful)

    by Cid Highwind (9258) on Tuesday October 24, 2006 @07:43PM (#16570334) Homepage
    There's going to be a kybosh on naughty developers mucking about with the 64-bit kernel; patching will be banned.


    If it will stop crapware like StarForce and the Sony rootkit from sneaking extra drivers in, bring on the kibosh. People who want to tinker can use one of the fine Open Source operating system kernels [kernel.org] that run on 64-bit Intel machines. Those that just want to play games or run Office can feel a little bit safer from malware.

    Sorry Symantec, but after dealing with the disaster that is Norton Internet Security, I won't shed a tear when I read that you've filed for Chapter 7.
    • by drsmithy (35869)

      If it will stop crapware like StarForce and the Sony rootkit from sneaking extra drivers in, bring on the kibosh.

      Unlikely. Those developers will simply get their drivers signed so they are allowed to load.

  • by postmortem (906676) on Tuesday October 24, 2006 @07:43PM (#16570338) Journal
    Will not go very well, at least in beginning. This enhanced security won't sell it. There won't be drivers for some existing stuff ever. Seems that MS wants to push this version and keep 32-bit as legacy, but in the end when end user can't make it work as well as 32-bit, it is just going to slip and create confusion. In long run it may pay off, when systems and components are designed for 64-bit, until then, 32-bit will be preference. I wonder if any of corporate users are going to put 64-bit on employeees workstations in upcoming months -it seems as a big risk without much gain.
  • by flummoxd (1017734) on Tuesday October 24, 2006 @07:44PM (#16570348)
    ..to release a 32-bit version of Vista?

    Every week, I hear about a new thing that will "only be in 64-bit Vista". First it was HDTV content only on 64-bit [slashdot.org] for DRM reasons. Now, we're hearing the reasoning that Windows will be more secure if we don't let third parties in the kernel. Fine, whatever. If we were to assume that makes it more secure, then so be it.

    But why bother to release an inferior 32-bit version? Under the presumption that closing the 64-bit kernel off will make things better, why not use the same strict security policies in 32-bit? Surely, there can't be any technical reason for all of this. It's all marketing, right? ("Microsoft recommends a 64-bit PC.")

    Or is there some real reason why it feels like 32-bit Vista and 64-bit Vista are two entirely different operating systems?
    • Re: (Score:3, Insightful)

      by tkrotchko (124118) *
      Probably because the 64 bit version will break a lot of code. For example a lot of TV boards write their own drivers (for better or worse) and these won't work. Anything that writes it's own driver or have to get to ring 0 will break.

      So the 32 bit will be if you want anything to run, the 64 bit will be for people who want to play DRM'd content on their PC. Maybe an exaggeration, but I think that's about it.

  • by Beryllium Sphere(tm) (193358) on Tuesday October 24, 2006 @07:44PM (#16570352) Homepage Journal
    Joanna Rutkowska gave a talk about this at Blackhat. Take a program in usermode but with administrative privileges, force the kernel to get paged out, edit the pagefile.

    In a recent blog entry, Rutkowska criticizes Microsoft's response to the pagefile attack [blogspot.com]. Boiled down, it amounts to the problem that as long as a disk utility can run, someone can still edit the pagefile. Her preferred fixes would have been encrypting the pagefile or simply not swapping the kernel. NetBSD's Elad Efrat suggested simply hashing the kernel for integrity checking.
  • by Psykechan (255694) on Tuesday October 24, 2006 @07:44PM (#16570360)
    For 32-bit versions of Vista, it'll be mostly as you were on security
    Translation: You're screwed! Upgrade to 64 bit ASAP (P.S. some of your software won't work)

    Defender has already become the most popular download ever from Microsoft
    If I was MS, I certainly wouldn't brag about anti-malware being the most popular application.

    referring to third parties being able to patch 64 bit Vista - "It's just not the way the box was designed...we're putting a stop to that."
    Great. What happens when MS doesn't quickly put out a patch... no choice on using the good samaritan patches anymore, you just have to sit and twiddle your thumbs.

    referring to ever being able to secure 32 bit Windows - "That train has left the station."
    I think it's more like the Windows train has left the station. Why bother to convert to 64 bit Windows? Switch to something else as soon as possible.
  • by UnknowingFool (672806) on Tuesday October 24, 2006 @07:44PM (#16570362)
    Microsoft will operate 64-bit versions of Windows Vista as a tabernacle, with the kernel as the holy of holies, where only its own high priests of security may venture."

    I think the crux of debate will be what MS considers its own high priests. If that means MS security products that compete with Symantec and McAfee, then the two vendors have a legitimate gripe that MS is using its monopoly power to lock them out. MS has said that its security products will not have access to undocumented APIs, but how much do you trust MS at their word? I don't trust them that much because I think MS still plays dirty. As recently as the Burst lawsuit in 2004, you can still see MS is refusing not only play fair but abide by court orders: Both parties were told to disclose emails as part of discovery. Burst.net discovered that not only did MS destroy emails but it was the policy of a multi-billion dollar company not to retain any emails over 30 days. And Burst listed out the many ways the company actively followed this policy. [groklaw.net]

  • by SQLz (564901)
    Now even Microsoft is catering to the right wing religous fanatics.
  • no, no, no (Score:5, Funny)

    by circletimessquare (444983) <<moc.liamg> <ta> <erauqssemitelcric>> on Tuesday October 24, 2006 @07:48PM (#16570402) Homepage Journal
    everyone got it all wrong

    the os isn't a black box, the os needs a black box

    you know, for when it crashes

  • ...the more they stay the same.

    "...where only its own high priests of security may venture."

    The concept of 'programmer priest' came about when mainframes ruled. You were not allowed direct access to your data. You had to present your request to the men in white lab coats and wait for the proper circumstances to occur before, even frequently if, you were deemed worthy of receiving an 'output'.

    Today, we continue to hear the phrase 'information wants to be free'. MS, having yet again painting itself i
  • They Have To keep that a secret... ;)
  • Dear Slashdot:

    I recently purchased a new computer with Windows Vista installed, and I'm having problems switching over to Debian Linux. I've opened up the case and looked everywhere, even inside the power supply, but I can't find any black boxes inside. I know it's there, Microsoft keeps talking about it, but I'm having the darnedest time locating it. Where is it and how do I disconnect it?
  • Correct me if I'm wrong, but I was always under the impression that the NT kernel and its later variants was actually put together quite well with the input of the ex-VMS team, and that everything Microsoft dumped on top of it was the primary weak point in the OS.
    • by Sloppy (14984) on Tuesday October 24, 2006 @09:25PM (#16571310) Homepage Journal

      The kernel has a reputation for being not particularly bad.

      The reason the kernel is an issue, is that the new "threat" against Windows security is the owner/administrator of the machine. Microsoft needs to try to implement DRM, in order to get into bed with the media companies and sell music and Zunes to play it. You can't implement DRM if the user can patch the kernel to work around the DRM. Thus, they're going to try to prevent end-users from having the capacity to modify this behavior of their own computer.

      The "security companies" are taking collateral damage from this, because their applications have to intercept all reads/writes (to files, the network, whatever) in order to scan all data against a blacklist of known malware [ranum.com] in order to try to protect the comically fragile userspace. This scanning is implemented through kernel patches, I guess.

  • You can bet this is going to make life very hard for the folks like VLC or anyone who wants to do something clever with the audio system. Wonder how they are going to push it, however? Sure, they can go for attrition, and make sure all new machines come with Vista, but there are a lot of Win32 machines out there that have more than enough CPU. There were some big jumps from the 200mhz-600mhz range, but now with 2-3ghz more or less normal and no 'got to have it' devices like USB3 this is going to be a tough sell. Heck, even with DirectX 10 being reserved for Vista, game publishers would be suicide to go after that market for a couple years. While it might give a few more FPS, you can bet the vice-like grip on hardware will doom any of the older games from running on the system... I mean, heck, if you could access the video, you might just try to display content without the secret hardware handshake.
  • by the eric conspiracy (20178) on Tuesday October 24, 2006 @08:41PM (#16570948)
    This makes me think of Kid-Proof caps. Only the kids will be able to open the cap to get into the kernel. Users who want to install legit stuff, forget it.

  • "Microsoft will operate ... Vista as a tabernacle, with the kernel as the holy of holies, where only its own high priests of security may venture."

    Meaning that the kernel itself will actually be a port of OpenBSD, but (shhh) don't tell anyone.

  • Ya know, this is why I hate Microsoft. There they go, using buzzwords like "black box". I guess the old-school word "log" was just too common for them... oh...wait...never mind...
  • What about devs? (Score:4, Interesting)

    by Teppic_52 (982950) on Tuesday October 24, 2006 @09:46PM (#16571478)
    So, if your writing (alpha) drivers for a new piece of hardware, how do you get them into the kernel to test them? Do you have to get MS to approve your H/W as pretty enough to make it in to Vista first?
  • by gelfling (6534) on Tuesday October 24, 2006 @10:00PM (#16571610) Homepage Journal
    64bit Windows will see deployment in the server room on corporate data centers. In this area security is secondary to audit compliance. Server ops will turn on the default Win64 kernel security and it will do whatever it does. Auditors will check the AV box and move on to the next server. Everyone is happy. Server ops has one less thing to do and auditors have an easier job of auditing. I know that's cynical but that's how it works.

    Let's remember that the reason Windows is in the server room in the first place is because MS sold it on the premise that's easier to run. Not faster, not with less hardware, not even with fewer people but with a lower skill set. Cheaper. So embedded security is not about security, it's about skill sets. Set it, forget it, hope for the best. If it smashes on the rocks then everyone did their best anyway and no one can be held accountable.
  • by radux (776711) on Tuesday October 24, 2006 @11:08PM (#16572034)
    Microsoft has been attempting to deploy an architecture like this for some time. Check out Microsoft's NGSCB/Paladium/TCPA initiatives (http://en.wikipedia.org/wiki/Palladium_operating_ system [wikipedia.org]). This is a paper tiger without the special hardware. In a few years a push will be made to get people to adopt the hardware. It will be interesting to see how they sell it.
  • by Slaryn (986308) on Wednesday October 25, 2006 @01:14AM (#16572898) Homepage
    For those of you who don't speak "Microsoft"... "Microsoft will operate 64-bit versions of Windows Vista as a tabernacle, with the kernel as the holy of holies, where only its own high priests of security may venture." roughly translates to "It will have a password."
  • by ajs318 (655362) <sd_resp2 AT earthshod DOT co DOT uk> on Wednesday October 25, 2006 @05:47AM (#16575004)
    Oh, the horror! Imagine if any Theo, Dick or Linus could modify the precious kernel!

You can't take damsel here now.

Working...