Slashdot Mirror
Windows Security Through Annoyances?
techmuse writes "According to News.com,
Microsoft's next version of Windows will let you know that you are looking
at (supposedly) secure data by putting personalized text, such as the names
of your dogs (a null list in my case), in window borders, and will also hide
the data unless the window has no others on top of it. That should make it very usable, and speed adoption of security features -- especially among
people who need to be able to see the data in two partially overlapping
windows at once."
How is that more secure than the little combination lock icon?
"Much work is lost, for the lack of a little more." -Edward H. Harriman
Information on secured windows will vanish if another window is placed on top of it or shifted to the background. Erasing the information will prevent certain types of attacks and remind people that they're dealing with confidential material, Biddle said
What kinds of attacks would those be? The over the shoulder snoop sort?
New Madlibs for Slashdot! Now you too can create Slashdot Stories with these fun, GNU Madlibs!
For example:
Windows ____________ through Annoyances~
or
It's a great new __________ but can it run _______?
And the all time favorite, In _______ the ________ ___________s onto you!
"We are the music makers, and we are the dreamers of dreams."
So to use this new super-secure Windows I'll have to type in huge lists of information that is boring to me?
The article makes it sound like this is to prevent those web pages that make themselves full screen and look just like a desktop, but honestly how often is this tactic even used?
"Information on secured windows will vanish if another window is placed on top of it or shifted to the background. Erasing the information will prevent certain types of attacks and remind people that they're dealing with confidential material, Biddle said." /. crowd a favor. No more rushing to minimize a window when your boss walks by. Just make slashdot a 'secured' page and Alt-Tab anything else over top it. *POOF* it appears like you've been working all along!
Microsoft is finally doing the
[Fuck Beta]
o0t!
Anyone else remember B2 operating environments, and some of the silliness involving assigning dedicated colors to the borders of windows to announce the sensitivity level of the data contained within?
I can't wait for Microsoft to rediscover that feature.. B2 systems were great from an engineering point of view, but as far as usability went, it was so much complexity that users tended to try to defeat the security measures placed on them.
Weapons of Mass Analysis
They should constantly play the red alert sound from star trek at full volume whenever the secure window has focus.
Humans are a security problem, because they contain their own pool of memory too. Let's get rid of them. Deleting a person's memory is easier than the video card's too: One click of the trigger is all it takes. Just Point and Click.
I'd have no clue how to wipe out my video card's memory. (No, shutting off the computer won't do it. I've seen plenty that when they turn back on, the last screen visible is there for a split second.)
Sure, it's all well and good to display sensitive information with a special border, but what if someone writes down what they see and then leaves it just lying around? Where's your special borders then?
The solution is obvious: don't display the data at all!
I've discovered this feature of windowed GUIs a long time ago - you cake take virtually any window, place it over your current window and POOF! the data vanishes, completely obsucred by the new window on top of it. Isn't it neat?
sic transit gloria mundi
While I agree that security should be easy, you can only dumb it down so much. If the entire knowledge that the user has is that a window is "secure", they are only getting a warm fuzzy feeling, not real security.
For real security, you need to know WHAT has been secured. Examples include:
Data was encrypted in transit.
Data is authenticated to come from XXX source, according to YYY certificate authority.
This window is protected from being viewed by PCAnywhere.
This data has DRM, and is protected from being copied to another computer.
Unless you tell the user WHAT the security is, they will make poor decisions about what to do with the data. Putting the name of their dog on the window doesn't provide that information.
This just about says it all. A security problem for whom?
Ask any computer user, from a home web surfer to an IT manager, what they consider to be the worst security threats. My guess is they would list things like MS Outlook viruses, buffer overflows, ActiveX controls, spam and Gator. Would anyone but the MPAA mention graphics cards?
You call those annoyances? I call annoyances, opening a slashdot article and finding five topic icons going down the side of the screen.
A programmer is a machine for converting coffee into code.
Regardless of how much security this, in reality, will provide, it will provide a tremendous APPEARANCE of security.
Sure, it may work. It may even work well. But the important thing from a sales standpoint is that it will look very secure. And that sells better than actual security. Given their posturing over security in the past year, this is right in line.
best web host ever
You *might* disbelieve the article because it comes from news.com.com, but I personally find them to be the highest caliber of news organization.
Right up there with the LA Times, The National Enquirer, and the Weekly World News.
I currently have no clever signature witicism to add here.
No, what they're trying to do is this: provide a cryptographically-guaranteed path for data to the graphics card, that cannot be intercepted.
What this allows is secure playback of DRM-protected material, in such a way that it is impossible for the user to grab the data.
Once manufacturers jump on the bandwagon, you'll end up with a PC with "Palladium-enhanced" components, such as the DVD drive, hard drive, video card and sound card, where you are unable to do anything at all with data streams from sources (the HDD or DVD drive) to sinks (the video or sound card) that's not permitted by the supplier of that data. In other words, forget ripping your DVDs or CDs.
It is fundamentally possible to target the weakest link of any security system. If I cannot create a lookalike window, then I just have to trick Windows into doing that for me. For example, the mere fact that I have an SSL certificate does not mean that you are safe submitting your credit card to my site, although it means you know who I am and can contact me or my company if something happens. SSL requires, in order to be effective, a visible address, and a popup window with no address bar has no way of verifying the address for the customer ;-) So I already have a way of attacking this trust and at least making it hard for the user to track me down.
;-)
Tricks like these are not addressed by this approach which means that Microsoft still hasn't learned that con artists are probably the most likely to be able to get your confidential information
LedgerSMB: Open source Accounting/ERP
What kinds of attacks would those be? The over the shoulder snoop sort?
This is classic "protection". It will remind you that Bill Gates knows where you live and the names of your cats just in case you get funny ideas about infringing on copyrights or alternte software. "Yes sir, I'll pay the windoze tax. Thank you so much for all you do for me!"
Friends don't help friends install M$ junk.
Wrong metaphor.
Look at any spy movie - classified material is in folders with red or black borders, the pages are marked, etc.
I've done the same with some SSL-aware custom JSP tags. If you browse to the page over an unencrypted channel you don't see the material at all (it's blocked at the server), if you have an SSL connection there's a thick black border, and if you have an authenticated and recognized SSL connection there's a thick red border. The actual appearance is controlled by CSS stylesheets, so it could easily faked... but that's not the point. What's important is that the symbol is obvious enough to be clearly seen even if partly obscured, while subtle enough that it doesn't get in the way.
In contrast, Microsoft's ideas are things that should be rejected out of hand by anyone with even a bit of security awareness. "Out of sight, out of mind" definitely applies here - if somebody sees a thick red or black border out of the corner of their eye they'll stop to lock the screen before walking away. But under Microsoft's oh-so-brilliant plan, there won't be any visual indication that they must lock their screen before dashing to the bathroom or to the coffee machine. Or joining a friend for lunch. Yet the confidential material will be available to anyone who cycles through the frames to see if there's anything interesting on the system.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Ok. Let me get this straight. There are people in some African country that send out emails with schemes like, "We need to transfer 500 million dollars into a bank account but we need your help! Give us all of your private information, including your name, SSN, bank account numbers, etc., and we will open an account in your name to perform this transfer. To compensate you, we will give you 20% of the money." And people answer emails like that and give out their personal information. Or, someone sticks a sign on a bank drop box that reads, "Out of order. Leave deposits with guard." And obviously dresses like a guard and stands next to the drop box with a cart, collecting deposits. (As if a BOX can be out of order!!!!!) There are thousands of schemes like this... these two come from Frank Abagnale's book The Art of the Steal. He jacked millions of dollars himself, so he should know: People are unconscious! They don't think about security. Heck, America can't figure out how to secure its borders when thousands of years ago, China came up with a solution that can be seen from space. If people can't figure out how to secure a border, which is a physical thing that is well documented and understood by everyone (just look at a map), how the heck do you expect to secure computer networks when people don't understand (or want to understand) the complex computer internals that need to be understood in order to combat this problem?
Let me ask you a question... When was the last time you were rooted? On your desktop? Running Windows? I honestly doubt that anybody here has ever been compromised, even if running Windows 24x7 with an Internet connection and no firewall of any kind. You know why? Because most folks here understand what security means, at least conceptually, and wouldn't be stupid enough to enter their password (not that it secures anything under Windows) into some bogus window. Do you honestly think that putting your dog's name (or any other information, for that matter) into a window is going to solve any security problems for Joe Shmoe? NO WAY!
The way I see things is simple: Market security to corporations. Sell them computer security services in which their entire network is secured against attack, and more importantly, their data is backed up. But the home Joe Shmoe users... let them screw up their computers with the biggest security threats: All these stupid screensavers, cursors, sounds, graphics, clutter, junk, crap, downloads, viruses, MS Outlook, and all the crap they download and execute without thinking... When their computer crashes and they come crying to me, I'll continue saying what I've been saying for the past ten years, "Where are your backups? Oh, you didn't make any?! Well, the only way I can fix this computer is by blowing everything off and reinstalling. Oh, well... Maybe you should take it to [insert name of a computer repair shop that charges outrageous prices to reinstall Windows for you] and have them fix it. They understand these things better than I do."
If Microsoft really wanted to combat security problems, and I am 100% serious about what I am saying here, then they would forget all this B.S. and convince users to keep the clutter and the CRAP off their computers. Secondly, they would convince people to back up their data. Windows might suck, but I'm always more concerned about the mechan
We at SCO already did. Here's the lawsuit for stealing our idea. Have a nice day.
Reminds me of the "boss key" some older games had, e.g., you're playing at work, see the boss coming, hit the boss key and something possibly work related fills the screen. This sounds about as effective.
... "what are you doing?" ... "errr, nothing, just reading /." ... You won't win, either she sees the porn or she believes your hiding emails from an online romance. No matter what, yer screwed.
E.g., wife/girlfriend/SO walks in the room, you scramble to hide a "secure" window
What changed under Obama? Nothing Good
Is it true? I heard that the next version of Media Player will have a custom graphic for each user. I will display images of your loved ones, pets and property being threatened. While everyone will have the same images of meat cleavers, assault weapons, pitchforks and firebrands all shaking to the beat. The pictures of pets and property, however, will be unique to each luser. If you pull up another company's media player or juke box, the music will dissapear. If you copy the music file or pull up a music sharing client, the pets will cry and the house will burn. Spyware will report you to the RIAA so that these visions can come true, cool!
Friends don't help friends install M$ junk.
Like anyone on slashdot will have that problem.
Hmm, okay, so let's say I make a Microsoft-ish spoof page with a border that has "king", "snoopy" or "brutus" all around, and half the visitors will recognise their page with their unique pooch's name on it, and will give me their credit card number in total confidence. Hmmm ....
I was thinking that too. Then I read the article:
"A hacker can create a spoof page with dogs' names running along the border but, in all likelihood, not one reading "Buffy, Skip and Jack Daniels--and in that order," Biddle said."
True, but anyone could just create a similar-looking window, and just put words "Secure Window" instead of "Buffy, Skip and Jack Daniels". Guess which one will look to be secure and which one will not.
Also, if this system is not clearly explained to non-savvy users (and I am guessing it will not be), then there will be other implications as well - such as people typing in their passwords, or realizing their pet name *is* their password, etc. I look forward to how they implement this and confuse users.
Enter Dogs Name:
FIDO
WARNING: Dogs name too short, should be 6-8 characters long and
use combination of numbers and UPPER and lowercase letters.
Enter Dogs Name:
FiDo1234
Dogs name accepted...
Burma?
No. You have the opposite problem.
Cthulhu Barata Nikto
My dog's names are "Teenage", "Slut", "Live", and "Webcams"....and I swear to GOD, it's the new Window's security mechanisms that are responsible for their appearance on all my window titles!
"Quoting famous computer scientists out of context is the root of all evil (or at least most of it) in programming." - K
Wrong. Part of Palladium/NGSCB, as well as Trusted Computing, is having a special chip to hold encryption/decryption keys. The whole point of this idea is to have information on this secure window that is only available via the keys in the chip. Any static icon (like a lock) can be faked. Showing your choice of data (like pet names) that indicate a trusted window is proof that the program is connected to the trusted chip.
I've not read all the comments here, but I have read the article. .NET crap will allow, I think most commenters are missing the point. You don't have to spoof anything. I mean, there are snippets of code you can put into a normal HTML page that can format a drive for you if you're running Windows, and using IE. Sure, there's patches, but so what? there's updated virus defs all the time, and the by far most prevalent viruses are months, even years old. So, to get back on topic, in this type of environment, someone will think they are safe, because they see poochies name running around the window border, when, in actuality, they "somehow" had the equivilent of a porn dialer downloaded to their system, and, rather than dialing Lybia, it just tells Windows that anything it does is trusted, and the person is well and truly fucked, for they bought into the great lie that Microsoft is telling with it's Trustworthy Platform bullshit.
So far, most of the comments are about a spoofed status bar or the boraders that look different on the secured windows versus the unsecured ones. Anybody whose done work as a bench tech for a company servicing the general public for any length of time has surely had the conversation about porn dialers that the customer never even knew they had installed. With Active X controls, JavaScript, Macros, CGI sripts, or whatever the
For those who describe their systems as 'boxen', do you order multiple 'boxen' of corn flakes also?
"One name one login."
:) )
Eine Name, eine Login, ein Fuehrer!
(Just to ensure that the old adage becomes true, the one that says that when a discussion becomes longer the chance that a comparison to Nazis pop up becomes 100%