Slashdot Mirror
Windows Vista still Rife with Insecure Code
osxpetition writes "As noted in a News.com article, Symantec researchers have been testing the latest Microsoft Windows Vista build (Beta 2), and have found that the code is 'complete with new corner cases and defects' in the networking component. Symantec describes how Microsoft scrapped the old networking stack code from Windows XP in favour of newer, rewritten code. 'Microsoft has removed a large body of tried and tested code and replaced it with freshly written code.' Since January 2002, Microsoft has put a stronger emphasis on protecting PCs by attempting to implement stable, secure code into Windows XP and their new operating system. This latest report from Symantec brings attention to Microsoft's trustworthy computing campaign, and shows how it will be a long way before it is ready for the mainstream."
They figured out that the old network stack was starting to get too secure and not something they could live with! Not wanting to break the trend of security problems they went ahead and rewrote the code from scratch
How dare they! Just when I know all the exploits in the old code, they make me go and have to discover all new bugs in their new code. Being a hacker is hard some days...
If this signature is witty enough, maybe somebody will like me.
Since you didn't provide any useful context to your question, allow me. From here:
OK, so Symantec makes money selling products that patch up problems with Windows OSes. Microsoft trying to put them out of a job. I'm not saying Vista is really achieving this goal, but what sort of report did you expect from Symantec? "Wow, this Vista really makes our products unnecssary"!
FUD. At least they learned Microsoft's greatest marketing strategy.
-Ryan C.
Isn't it to Semantecs best interest to generate demand for their product by creating uncertainty when it comes to OS security. They did this to linux too...
Granted Microsoft may be using new code, but that doesn't necessarily mean it's more insecure than the current network stack.
Let's see what the non-beta software looks like, and see what a independent lab reports.
Bill
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
Actually the old code might be better. And I don't defend blindly.
It has been my repeated experience that "Cruddy and complex" code is that way because the problem space is cruddy and complex and thats what bugfixes do to code.
You throw out that complexity and you throw out accumulated knowledge. I have yet to see a second system or third or fourth that managed to keep the bugfixes of the previous system. These issues return and they are accompanied by new ones.
In this case there might be a reason to thow out this particular baby with this particular bathwater: the only thing that new code gives you is resident experts on the new code. If you have staff turnover (Which MS always does), they may have already lost the resident experts on the previous design.
So that brings up the next point: MS may now be jumping its proverbial code shark: They've not increased in price in 3 years: stock options are worthless, they're losing people, and the hardware vendors are saying "When are you going to get us a decent 64 bit system?". They can't seem to ship secure code and now they throw out working subsystems, possibly because they've got a brain drain. MS owns the office market, but they're starting to really fall behind in shipping modern security at the OS level.
-- Perl Hack, Web Hack, SQL Hack, Guitar Hack
I had never heard of such a thing before (actually, initially I thought you were just punning on Windows + 'shattering', har har).
It would seem that Vista allegedly fixes the design flaw that allows for the attack, by not running system services in the same session as the user. At least, that seems to be what the Wikipedia article on the topic is suggesting.
The key to shatter attacks is that Windows allows processes running in the same session to pass messages between each other, the result of which is that via code injection, any process can escalate up to the level of the highest process also running in its session. MS is quoted in the article as saying "[This is not] a flaw in Windows. In reality, the flaw lies in the specific, highly privileged service. By design, all services within the interactive desktop are peers, and can levy requests upon each other. As a result, all services in the interactive desktop effectively have privileges commensurate with the most highly privileged service there." (Which is amusingly doublespeak-ish; they're saying "this isn't a design flaw, we designed it that way!")
This blog post by a member of the IE7 team would confirm that they've at least tried to address this in Vista (but of course that's what you'd expect them to say). It says: "User Interface Privilege Isolation (UIPI) blocks lower-integrity from accessing higher-integrity processes. For example, a lower-integrity process cannot send window messages or hook or attach to higher priority processes This helps protect against "shatter attacks." A shatter attack is when one process tries to elevate privileges by injecting code into another process using windows messages."
Yet another nice legacy "feature" from the single-user-OS days.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
In fact, I think it's the only way to explain how many security bugs are in Windows.
I think you perhaps need to take some lessons in critical thinking. This is the equivelent of saying, "The only reason auto-manufactuers put problems into cars so they have to recall them is because the government makes them, which is why Japanese cars are better than American cars."
Large monolithioc systems are inherently more complex that smaller componant built systems. (Although those have problems too along the boundary interfaces.) Auto-makers put lots of time and money into making a car that A) doesn't fall apart and B) doesn't require a multi-billion dollar recall effort. Microsoft puts lots of time and money into trying to make their software more secure.
On the whole, I'd say the auto companies do a better job. :-) Thowing money at a problem very rarely solves the problem. The need to have an understanding of the problem, and how to fix the underlying problem is vital. I think that is where Microsoft fails. The systems they have in place (from what I hear) are more frustrating to the engineers than helpful.
I also have problems believing MS engineers are really motivated these days. Many of Microsoft's security issues have stemmed from their own code interactions which they implemented as deliberate features. Many more have been from sloppy programming (such as buffer overruns).
Trying to blame MS security issues on government mandated back doors smacks of plain political diatribe with a nice glossy veneer of ignorance on the top to give it a nice sheen.
I am not a resource! I am a free man!
FTA:Symantec researchers put the networking technology in Vista under a magnifying glass to determine its exposure to external attacks. The team said it found several flaws in build 5270 of Vista and even more in earlier test versions. However, these were all fixed by Microsoft in build 5384, the version of the operating system that was publicly released in May as Beta 2.
For those too lazy to read the article all it really says is. We found a few issues in early releases of Vista. They've already all been fixed by Beta 2, but we are guessing there are probably more.
"reality has a well-known liberal bias" - Steven Colbert