Slashdot Mirror


Windows Security Through Annoyances?

techmuse writes "According to News.com, Microsoft's next version of Windows will let you know that you are looking at (supposedly) secure data by putting personalized text, such as the names of your dogs (a null list in my case), in window borders, and will also hide the data unless the window has no others on top of it. That should make it very usable, and speed adoption of security features -- especially among people who need to be able to see the data in two partially overlapping windows at once."

18 of 387 comments

  1. Why redefine a working metaphor? by Masem · · Score: 3, Interesting

    Instead of adding new and experimental UI features, why not use a feature found on nearly every OS and that most end users will recognize - in this case, the lock symbol that indicates whether you're on a secure site or not. Obviously such a symbol would need to be something sufficiently different, but this is a well established (despite lacking any standard specification) UI element that would require nearly no new training by the end user.

    --
    "Pinky, you've left the lens cap of your mind on again." - P&TB
    "I can see my house from here!" - ST:
    1. Re:Why redefine a working metaphor? by gfoulk · · Score: 2, Interesting

      Because a window, most likely a web popup wanting you to click "install", would incorporate the standard security graphic to make it look like a trusted security patch, or whatever. Sure, probably everyone here would see through the ploy, but your average Windows user may not.

  2. Is this type of attack really that prevalent by Dajur · · Score: 4, Interesting

    The article makes it sound like this is to prevent those web pages that make themselves full screen and look just like a desktop, but honestly how often is this tactic even used?

    1. Re:Is this type of attack really that prevalent by Bendy+Chief · · Score: 2, Interesting
      Hopefully, in the future, people will be using browsers with halfway decent restraints for Javascript and other scripting languages.

      I use Opera and Firebird and neither would ever let this sort of stupid attack fly. In fact, in Firebird, you can specifically disable some forms of window-resizing/moving script.

  3. It Could Be Worse by swdunlop · · Score: 4, Interesting

    Anyone else remember B2 operating environments, and some of the silliness involving assigning dedicated colors to the borders of windows to announce the sensitivity level of the data contained within?

    I can't wait for Microsoft to rediscover that feature.. B2 systems were great from an engineering point of view, but as far as usability went, it was so much complexity that users tended to try to defeat the security measures placed on them.

  4. Not so secure by Rosco+P.+Coltrane · · Score: 2, Interesting
    The border of a secured page may contain information--such as the names of all the dogs that someone has ever owned

    Hmm, okay, so let's say I make a Microsoft-ish spoof page with a border that has "king", "snoopy" or "brutus" all around, and half the visitors will recognise their page with their unique pooch's name on it, and will give me their credit card number in total confidence. Hmmm ....

    Sounds like a crappy idea actually.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  5. Re:So...... by Anonymous Coward · · Score: 1, Interesting

    That little lock in the corner is just that, little. Most people miss it unless they are specifically looking for it. If I understand this correctly, you can customize the look of the window that has secure text to your liking. I.e., perhaps it has a different font, or everything is in red, or perhaps there could be a watermark on the window that says: No Peeking! These would be harder to spoof, because presumably the attacker doesn't know that you like to use the phrase: No Peeking! on your confidential documents.

  6. Neil Stephenson says by poor_boi · · Score: 2, Interesting
    What about van Eck phreaking? Fido borders can't stop that. Of course it's not a very real threat, but it only takes once.

    Expect your wife to receive hard copies of that 'questionable' pornography you enjoy so much from the van Eck'ing P.I. she hired (he looks like Tom Selleck :-)

    Paranoia Strikes Deep
    -boi

  7. Re:So...... by RoLi · · Score: 5, Interesting
    Because any website can pop up a fake window with a little GIF of a lock in the corner.

    How can a website possibly fake the lock-icon which happens to be on the toolbar?

    But those dog names will be stored somewhere secure, that they can't access, so you know if you see them that your own computer is generating that data.

    Actually I think it's either a desperate try to distract users from real security problems (like the millions of servers that get infected each year despite MS being only a minor player on SQL and webservers, or the even more desktops...) or it's a clever plan to complete the big database in Redmond with the last thing they don't know about you yet: The names of your dogs.

    So far, I haven't heard about any "websites faking lock icons and doing nasty stuff", but even though Apache is a much larger target, all big worms hit IIS.

    I think somebody at Redmond still treats security as a 100% pure PR-problem. Just do anything about security, no matter how stupid the idea is, as long as it's from Microsoft, there will always be simple minds that will say:

    Makes sense

    Mod parent up: +1 funny please.

  8. Not how it works, but how it looks. by immanis · · Score: 5, Interesting

    Regardless of how much security this, in reality, will provide, it will provide a tremendous APPEARANCE of security.

    Sure, it may work. It may even work well. But the important thing from a sales standpoint is that it will look very secure. And that sells better than actual security. Given their posturing over security in the past year, this is right in line.

  9. A Trusted Path IS Great by njyoder · · Score: 3, Interesting

    This IS a great thing, it's called a trusted path. This is a security concept that's been around for a long time, but isn't widely implemented. You may be familiar with another trusted path mechanism in windows, the log in screen. It requires you to hit CTRL-ALT-DELETE to login, this is done to prevent fake login programs from fooling users.

    Shouldn't they be concentrating on other things, such as actual security vulnerabilities? Seems like they're trying to say "look we're paying attention to security!" without actually doing anything that is effective...

    Trusted path mechanisms are a requirement to get the NSA B2 certification for an OS (see urls below), and it most definitely is an effective security measure. This may not be terribly relevant to your average user, but to someone dealing with highly confidential information on a computer it is. This feature prevents a) fake windows/programs from giving out false information under the guise of a trusted program, b) fake windows/programs from getting a user to enter sensitive data by posing as a legitimate form for sensitive data entry.

    http://www.radium.ncsc.mil/tpep/epl/epl-by-class.html
    http://www.astrolox.com/libraryc/orange.html

  10. Red and black borders by coyote-san · · Score: 4, Interesting

    Wrong metaphor.

    Look at any spy movie - classified material is in folders with red or black borders, the pages are marked, etc.

    I've done the same with some SSL-aware custom JSP tags. If you browse to the page over an unencrypted channel you don't see the material at all (it's blocked at the server), if you have an SSL connection there's a thick black border, and if you have an authenticated and recognized SSL connection there's a thick red border. The actual appearance is controlled by CSS stylesheets, so it could easily be faked... but that's not the point. What's important is that the symbol is obvious enough to be clearly seen even if partly obscured, while subtle enough that it doesn't get in the way.

    In contrast, Microsoft's ideas are things that should be rejected out of hand by anyone with even a bit of security awareness. "Out of sight, out of mind" definitely applies here - if somebody sees a thick red or black border out of the corner of their eye they'll stop to lock the screen before walking away. But under Microsoft's oh-so-brilliant plan, there won't be any visual indication that they must lock their screen before dashing to the bathroom or to the coffee machine. Or joining a friend for lunch. Yet the confidential material will be available to anyone who cycles through the frames to see if there's anything interesting on the system.

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
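
    The three-way scheme coyote-san describes (withhold over plain HTTP, black border over SSL, red border over an authenticated SSL connection), as an added example that is not the poster's JSP tags: a small Python WSGI application standing in for the JSP code. The header used to learn that a client certificate was verified (X-Client-Verify) is an assumption about the TLS-terminating reverse proxy in front of the app; it is only safe to trust if that proxy strips any copy of the header a client sends.

```python
"""Server-side 'classification border' for confidential material.

Added example, not the original poster's code. Decision logic lives on the
server; the CSS border is cosmetic, so a spoof page can copy the look but
cannot make the server hand out the material over an unencrypted channel.
"""
from html import escape
from wsgiref.simple_server import make_server

# Constructed sample of the material being protected.
CONFIDENTIAL = "Quarterly numbers (constructed sample data): 42, 17, 99"

# Assumption: the reverse proxy sets this header to 'SUCCESS' only after it
# has verified a client certificate against its trust store.
CLIENT_VERIFY_HEADER = "HTTP_X_CLIENT_VERIFY"


def classify(environ):
    """Return 'blocked', 'black' or 'red' for the connection in *environ*.

    blocked: plain HTTP, material must not be sent at all
    black:   TLS, anonymous client
    red:     TLS plus a verified client certificate
    """
    if environ.get("wsgi.url_scheme") != "https":
        return "blocked"
    if environ.get(CLIENT_VERIFY_HEADER, "").upper() == "SUCCESS":
        return "red"
    return "black"


def render(level, body):
    """Wrap *body* in the thick border for *level* ('black' or 'red')."""
    style = {
        "black": "border: 12px solid black; padding: 1em;",
        "red": "border: 12px solid red; padding: 1em;",
    }[level]
    # Escape the body so injected markup cannot restyle or hide the border.
    return f'<div style="{style}">{escape(body)}</div>'


def app(environ, start_response):
    """WSGI entry point: block, or serve the material inside its border."""
    level = classify(environ)
    if level == "blocked":
        start_response("403 Forbidden", [("Content-Type", "text/html")])
        return [b"<p>This page is only available over an encrypted connection.</p>"]
    start_response("200 OK", [("Content-Type", "text/html")])
    return [render(level, CONFIDENTIAL).encode()]


def call(environ):
    """Helper for testing: run *app* and return (status, body_text)."""
    captured = {}

    def start_response(status, headers):
        captured["status"] = status

    body = b"".join(app(environ, start_response)).decode()
    return captured["status"], body


if __name__ == "__main__":
    # The dev server speaks plain HTTP, so every request is classified
    # 'blocked': a quick way to confirm the server-side gate before putting
    # the app behind a TLS terminator.
    with make_server("127.0.0.1", 8000, app) as httpd:
        httpd.serve_forever()
```

The point the post makes survives in code form: a client can imitate the red border with its own stylesheet, but the material itself is never emitted unless the server saw TLS, and the colour is chosen from connection facts the server knows rather than from anything the page asked for.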
  11. Hostage Data by Slurms · · Score: 2, Interesting

    Maybe this has been mentioned and as usual I missed it.

    I find myself thinking that if I were to decide to put all my important data in their vault, what might I do if they tell me I have to pay the $1000 upgrade fee for the next version of their software if I want to continue to have access to my data in their vault?

    --

    -----
    Pretty Bad Privacy (PBP) Public Key
    6
  12. Security? by rice_burners_suck · · Score: 4, Interesting
    Security, huh? From the company that can't avoid the temptation to put scripting capabilities into the darnedest things? And for whom? The users that don't know the difference between a DOS prompt and a BSOD? Who can't figure out how to copy a file to a floppy disk (in WINDOWS!!!) and need to pay someone to do it? (I swear to God, some lady telephoned me and offered to pay me $80 USD to copy a file to a floppy disk, couldn't tell me how large it was (I asked to see if it would even fit), and I had to convince her to find a nearby geek to show her how to do it because anybody who charges for that is a dirty thieving son of a bitch. But I said it in nicer words.)

    Ok. Let me get this straight. There are people in some African country that send out emails with schemes like, "We need to transfer 500 million dollars into a bank account but we need your help! Give us all of your private information, including your name, SSN, bank account numbers, etc., and we will open an account in your name to perform this transfer. To compensate you, we will give you 20% of the money." And people answer emails like that and give out their personal information. Or, someone sticks a sign on a bank drop box that reads, "Out of order. Leave deposits with guard." And obviously dresses like a guard and stands next to the drop box with a cart, collecting deposits. (As if a BOX can be out of order!!!!!) There are thousands of schemes like this... these two come from Frank Abagnale's book The Art of the Steal. He jacked millions of dollars himself, so he should know: People are unconscious! They don't think about security. Heck, America can't figure out how to secure its borders when thousands of years ago, China came up with a solution that can be seen from space. If people can't figure out how to secure a border, which is a physical thing that is well documented and understood by everyone (just look at a map), how the heck do you expect to secure computer networks when people don't understand (or want to understand) the complex computer internals that need to be understood in order to combat this problem?

    Let me ask you a question... When was the last time you were rooted? On your desktop? Running Windows? I honestly doubt that anybody here has ever been compromised, even if running Windows 24x7 with an Internet connection and no firewall of any kind. You know why? Because most folks here understand what security means, at least conceptually, and wouldn't be stupid enough to enter their password (not that it secures anything under Windows) into some bogus window. Do you honestly think that putting your dog's name (or any other information, for that matter) into a window is going to solve any security problems for Joe Shmoe? NO WAY!

    The way I see things is simple: Market security to corporations. Sell them computer security services in which their entire network is secured against attack, and more importantly, their data is backed up. But the home Joe Shmoe users... let them screw up their computers with the biggest security threats: All these stupid screensavers, cursors, sounds, graphics, clutter, junk, crap, downloads, viruses, MS Outlook, and all the crap they download and execute without thinking... When their computer crashes and they come crying to me, I'll continue saying what I've been saying for the past ten years, "Where are your backups? Oh, you didn't make any?! Well, the only way I can fix this computer is by blowing everything off and reinstalling. Oh, well... Maybe you should take it to [insert name of a computer repair shop that charges outrageous prices to reinstall Windows for you] and have them fix it. They understand these things better than I do."

    If Microsoft really wanted to combat security problems, and I am 100% serious about what I am saying here, then they would forget all this B.S. and convince users to keep the clutter and the CRAP off their computers. Secondly, they would convince people to back up their data. Windows might suck, but I'm always more concerned about the mechan

  13. Secret data within window borders for tracking? by bergeron76 · · Score: 2, Interesting

    I can't help but think that the only useful reason for putting "unique" data in a window border would be to provide key data for analog captures/etc. By having a personal "tag" in a visual border (and potentially audio), they are taking a step toward making viewers/players/etc [the only link between the analog and digital realm] prolific. They're hoping it will become 'the norm[al]' in a few years, and as such, it could ultimately lead to the end of the analog/digital loophole that currently exists in DRM.

    I hope I explained this adequately...

    Scary stuff, IMHO.

    --
    Don't think that a small group of dedicated individuals can't change the world. It's the only thing that ever has.
  14. Yeah! by twitter · · Score: 3, Interesting
    It's not like the stuff on passport security is critical... It's only your email, your identifying information, your credit card number and ...... Well it's not like it's life-threatening...

    I've seen a lot of smart ass posts from people who say, "Big deal, I never put any of that information into my passport. It's just for hotmail." Because this "service" is supposed to work everywhere, is it possible vendors have filled in the missing information for you? After all, because my wife has a hotmail account she was given a passport she never asked for that contained all the information demanded by hotmail. She also makes web purchases from time to time. A participating vendor could have already loaded her and me by association. Someone tell me it's not so or how I can verify it without an M$ OS.

    "One name one login." how utterly M$. That shit won't work anywhere that has a clue. Are you going to take Microsoft's word that someone is who they claim they are and just let them romp around your systems?

    --

    Friends don't help friends install M$ junk.

  15. Re:So...... by Stuart+Gibson · · Score: 2, Interesting

    Yes, because the great unwashed public know what https and http represent. It's also pretty likely that anyone savvy enough to use Mozilla will also be savvy enough to tell when they are being fed false information in the form of an XUL.

    Billy User understands the padlock (sometimes), try explaining to him what the text in the title bar means.

    Goblin

    --
    It's all fun and games until a 200' robot dinosaur shows up and trashes Neo-Tokyo... Again
  16. Better way? by Anonymous Coward · · Score: 1, Interesting

    Why not a "Security" LED on the system case, which is hard wired to the DRM chip? Make it green when the in-focus window is secure; flash it red if any security compromise is detected. Only way to hack it would be via a flaw in the DRM chip (in which case, the whole system is compromised anyway), or via physical access to the inside of the machine.

    Sounds a lot better than scrolling dogs' names around the secure window...