Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows Security Through Annoyances?

Posted by timothy on from the must-have-started-as-a-joke dept.

techmuse writes "According to News.com, Microsoft's next version of Windows will let you know that you are looking at (supposedly) secure data by putting personalized text, such as the names of your dogs (a null list in my case), in window borders, and will also hide the data unless the window has no others on top of it. That should make it very usable, and speed adoption of security features -- especially among people who need to be able to see the data in two partially overlapping windows at once."

3 of 387 comments (clear)

  1. Re:So...... by molo · · Score: 5, Insightful

    Maybe MS shouldn't let remote web pages control how my windows look. I *want* the status, button, and menu bars. Allowing remote pages to remove them is a bug IMO. Mozilla, yum.

    --
    Using your sig line to advertise for friends is lame.
  2. Re:One problem solved by BJH · · Score: 5, Insightful

    No, what they're trying to do is this: provide a cryptographically-guaranteed path for data to the graphics card, that cannot be intercepted.

    What this allows is secure playback of DRM-protected material, in such a way that it is impossible for the user to grab the data.

    Once manufacturers jump on the bandwagon, you'll end up with a PC with "Palladium-enhanced" components, such as the DVD drive, hard drive, video card and sound card, where you are unable to do anything at all with data streams from sources (the HDD or DVD drive) to sinks (the video or sound card) that's not permitted by the supplier of that data. In other words, forget ripping your DVDs or CDs.

  3. Doesn't make sense to me by einhverfr · · Score: 5, Insightful

    It is fundamentally possible to target the weakest link of any security system. If I cannot create a lookalike window, then I just have to trick Windows into doing that for me. For example, the mere fact that I have an SSL certificate does not mean that you are safe submitting your credit card to my site, although it means you know who I am and can contact me or my company if something happens. SSL requires, in order to be effective, a visible address, and a popup window with no address bar has no way of verifying the address for the customer ;-) So I already have a way of attacking this trust and at least making it hard for the user to track me down.

    Tricks like these are not addressed by this approach which means that Microsoft still hasn't learned that con artists are probably the most likely to be able to get your confidential information ;-)

    --

    LedgerSMB: Open source Accounting/ERP