Slashdot Mirror
Vista Hacking Challenge Answered
debiansid writes "Microsoft's most secure Operating System yet
has been compromised at the Black Hat hacker conference. We all know that Andrew Cushman, Microsoft's director of security outreach invited the Black Hats over to touch and feel Vista in order to showcase the superiority of this OS. Joanna Rutkowska, from Coseinc, a Singapore-based security firm, obliged and showed how it is possible to bypass security measures in Vista that prevents unsigned code from running with the help of a little software she calls the 'Blue Pill.'" To be fair, the hack was possible only when the target is in administrator mode rather than a limited user account.
So if you're a black hat and you've found a new, as yet undiscovered hole in Vista, would you really go running to MS to tell them all about it so they can patch it?
Or would you keep it to yourself in hopes that the final release will still contain the hole so you can pwn millions of new adoptors?
show me the average home user who doesn't runs XP as administrator. Do they think that anything is going to change for Vista?
Unfortunately, I think it's been established that many "average" users run in that mode, regardless of security concerns. I wonder if Vista will be an exception to this.
Hades, PoD: Official Advocate
So, someone admitted that there is a vunerability in Vista. Among all the folk invited to 'test' Vistas security, someone had to come up with something. Even if they had to be administrator to do it.
It's the ones the black hats are keeping under their caps, or hats, that is going to be issue. But they can't all be trusted to tell. Not if they've found an especially 'useful' hole anyway.
Lets see how long it takes for slashdot readers to swing into full hypocrisy mode. Specifically mocking windows because it is vulnerable to users running insecure software in administrator mode when every other OS has the exact same vulnerability. Of course windows users do have the unfortunate tendency to run as administrators, but 1- that is blaming the software for the problems of the user, and 2- Vista might be running in user mode by default.
And no, before you ask, I am not a windows user, I am on a Mac PowerBook G4. I prefer the mac because it is easier to use and I am not a gamer, not because of some imagined speed or innate security edge over every possible windows product.
Philosophy.
...but the user has to PERMIT the program to run.
Yes, many users are just stupid and will automatically click "yes" on things, but at that point it's their own damn fault. The hack won't work without the user letting it work.
news at 11. Blackhats discover it is possible to compromise a machine if you have admin/root privileges. OMG, what are we gonna do.
seriously why is this even posted here, what moron considers being able to do nasty things when your an admin an OS based problem? if it is we all better pack up, go home and give up.
This article is a little slanted towards, "MS said you can't get into their OP, and black hats said, 'bitch please!'". But really, MS probably expected this, and was hoping that they could learn something from watching a collection of hackers test their system. The more problems that are caught now, the less when it is released.
Microsoft doesn't care about impressing Linux users, they care about releasing something that A LOT of normal users can install and forget about. Every iteration they get more stuff right, and their operating system becomes better (except ME, that sucked dick).
You take it, I don't want it...
She also admitted that she had to perform the hack in higher privileged administrator mode rather than the lower privileged user account control.
Seems to me this 'hack' gets the cart before the horse. If you are able to run malicious software in administrator mode, you can do anything at all, not just compromise signed code authorization. Heck you could replace the whole OS. The point of security is to prevent unknown persons from being able to run malicious software in the first place.
... how well does this superior security hamper productivity?
The most secure computer system is one that is not turned on.
I dont know if any of you have done a bit of looking into Vista but MS is touting one of the main advantages of it as a limited user mode that actually works. Everyone runs XP as an administrator because most stuff wont work if you dont run as an admin. With Vista now the default accounts ARE all limited users and actions requiring admin privledged simnply prompt for an admin user.
Here we are in the same boat as any other os. If the user is stupid enough to
-always run as admin
-or freely allow things to run as admin mode when the dialog pops up
then its the users fault.
The real question is: will elevating oneself to administrator become common practice or not? If admin land stay reserved for the likes of Slashdot, then problems like this will probably be greatly reduced. But that assumes that the difficulty in setting up an admin account isn't worth it for most people.
Haiku for you!
Well, it is unless Ubuntu or one of the other Linux distros finally make that hurdle across the final 5% or 1% of making things 'just work' that seems to elude open source developers.
I've been very impressed with the latest Vista beta. I can't say for certain that it is secure but the small amount of time I've run it, I've had absolutely no security/spyware virus problems in normal day to day use.
It doesn't quite have that elegance that Apple has with the shading/highlights etc for the UI elements, but so far Vista has been stable, secure, and fast.
And I've been a foaming at the mouth Microsoft hater for the a long, long time. It looks to me like Microsoft has finally got their shit together with this OS. There was always a desire to get back to my Mac with previous Windows systems, not any more with Vista.
Everyone who thought Vista was not going to be hacked raise your hand. Yea, that's what I thought.
Funny createSig(Witty remark, Odd reference)
{
return (Funny)remark + (Funny)reference;
}
...where have I seen that before? Where the true Root account is hidden and you have to go through a painstaking procedure to enable it? Where the "admin" account is actually a standard user that has to sudo to do Root-y stuff? Oh yeah, Mac OS X. And Ubuntu/Kubuntu/Xubuntu, which was influenced by Mac OS X to do the same thing.
Knowledge is power. Knowledge shared is power multiplied.
Vista's security scheme works like sudo or the OS X admin password dialog. You're out of your element.
Slashdot - where whining about luck is the new way to make the world you want.
I mean if I get you to run something as admin/root/whatever I can do whatever I want. I can own your system in any number of ways. If I do it with your knowledge (as in you clicked and chose to run the program) I fail to see how that's an exploit. The power to do what you want with a computer implies the power to break it. I can't very well give you full control over your own stuff, but not the control necessary to screw things up.
Calling anything that requires manual user execution a "hack" seems to stretch the term. Sure, I could give you a shell script that would own pretty much any Linux system when ran as root, but I wouldn't say that's a hack, that's just exploiting stupid users.
Nooo, take the Red Pill!
As mentioned in my previous post. They have their excuse for even more Vista delays. If you didn't read the old article they gave these "black hats" the authority to halt shipments of Vista until all issues are resolved.
This "trick" uses a hardware bug, not a sofware bug, to exploit Vista. It should affect other OSes like Linux, Solaris, BSDs, etc.
I'm not surprised that they focused on being able to break Vista. A nice marketing move for the "researcher" (like there're not papers that explain how virtualizing environments aren't 100% safe in the x86 architecture)
Next will he be standing under a "Mission Accomplished" banner, despite the obvious failure?
When exploits require administrator/root access in the first place in order to function, interest level drops to 0.
r s.html#Lin0xx which was quite boring.
This exploit-requiring-admin reminds me of another recent speech, namely http://www.defcon.org/html/defcon-14/dc-14-speake
*yawn*
So let's see, if you run an application as "Administrator" on a new Windows Vista machine (where users are not, by default, created as administrator accounts), that application could cause problems with the system or, if you will, "hack" the system (such an unclean word). How is this any different from sitting down at a Linux system with root access and running amok? Are root accounts inherently more secure than administrator accounts, or am I missing something here? At least on the Vista machine, a notification box may appear letting you know something is going on. See if "rm -rf /" on a Linux machine even asks you to verify your entry before it executes. Microsoft has made it clear that Vista users won't run as admins by default, so I see this as a non-issue. Why does it even qualify as "news?"
"Microsoft's most secure Operating System yet has been compromised at the Black Hat hacker conference.
MOST SECURE???? based on WHAT evidence??
what's that? there is NO evidence that this is the case? I thought so.
In what way?
If I click on "Install" or just insert my installatoin CD, and Vista says, "Login as Admin, owner, or someone with security privileges.", will it know to just install the software based on ...ESP? How will it know that the user is the admin or owner? Do you really think that the average user will know what that means?
My wife, as smart as she is (medical - lucky me!), will get those dialog boxes from windows when she wants to install software. She'll run to me ans ask what to do.
MS is going to get a shit load of tech support calls over this!
Look, you have to hand it to microsoft here - they are at least TRYING. I really get the feeling that someone, somewhere inside redmont finally got a clue and got them fired up about really cracking down in terms of security. Look at the 360 (yes, there is a firmware hack for the dvdrom drives, but that is not mucking with the internal security), and how long Vista has been delayed and re-written.
I know this sounds a little crazy (trust me, i hate that I'm having to even write this post), but i really think MS is giving it the ol' college try from here on out...
Comment removed based on user account deletion
This contest doesn't make sense, if they find a vulnerability, it's some bad PR, but, well, how many vulnerabilities have been found and patched for XP? If they don't, it still doesn't mean it's unhackable, it just means they need more time.
The only case where they DO work is when you're asking people to crack encryption, and then it's only CRACKING it that proves something, saying that noone could crack it doesn't mean it's uncrackable.
Send email from the afterlife! Write your e-will at Dead Man's Switch.
Whew! Good thing I got here before you got moderated insightful. Substitute Linux for Vista and ask your question again.
As I read it, Microsoft has declared that as of their next release, they simply won't allow unsigned drivers and other kernel-level code to run. Which, according to quite a few hardware vendors, means enough expense to be prohibitive; those same vendors today simply provide instructions to ignore "this code isn't signed" warnings.
Well, this hack lets those vendors continue as they bear.
The posts about "well, DUH! you need admin privs" is beside the point because driver (etc) installations always have. The news is that Microsoft has been trying to change that, and (at least for now) failed.
Lacking <sarcasm> tags,
So does this mean I'm going to need to be in administrator mode to run free software?
Since just about everyone runs one or two pieces of free software (Windows isn't capable of very much out of the box) doesn't this mean that *everyone* will still be running in administrator mode?
In Capitalist America, bank robs you!
Did it ever occur to anyone that the majority of executables and drivers, even legitamate ones, are not signed? So what this article doesn't say, but suggests is that MS's solution to the whole security thing is to block out all unsigned exe's. Am I wrong?
It's quite simple to run unsigned code. Use bcedit or VistaBoot to edit the boot configuration to allow you to run unsigned code and you're set.
Bill, your puny OS has been hacked by ... a GIRL! bwa ha haaa
wait...
Man, she is a babe!
I saw her first!!!
*runs to buy airplane ticket*
Visual Studio has to run in admin mode. Okay, IFF you want to use the debugging facilities you need to be an admin. But how often would you not want to use the debugging facilities when you're developing code? And how many developers are only going to use admin mode when they need to do some debugging? Perhaps this will be fixed in the first version of VS for Vista. I wouldn't risk much of my annual income on it.
I tried ./amok but nothing happened? /usr/bin/amok or something?
Do I need to chmod +x
Microsoft's most secure Operating System yet
Since this is clearly unproven, we must consider it a marketing claim. Since it's a marketing claim, we must consider it as untrustworthy as their least-trustworthy operation system. Which, possibly (it's unproven), could be Vista.
- The Kessel run is for nerf herders. I can circumnavigate the entire Central Finite Curve in a lot less than 12 parse
You are probably thinking of the AMD hypervisor she discussed for designing Vista rootkits.
You mean, you'll be able to actually run 'existing' software that isn't installed and/or running as administrator?
Considering that most of the PC related problems occur between the mouse and the keyboard, it won't make any difference Vista to XP or 98, the average user will manage to make the 'most secure operating system' the most insecure just to be easy to admin.
Would offering rewards for finding pre-release vulnerabilities- or post release for that matter- change things?
You'd have lots more people searching for them, and would people go through the trouble of making a malicious hack when A) in the interim someone else might find the same vulnerability and claim the cash, or B) you'd be giving up a considerable chunk of change, just for 'props' on the black hat scene. "Fuck the man!" kind of fades in the face of a new car, rig, expensive toy, etc.
Of course, this doesn't take into account making trojans with the intent to profit illegally by stealing user info, but if the reward was commensurate to the threat level exposed as determined by a neutral third party, would 1, 5, 10, 50 thousand be too much? Crowd sourcing is on the way, they say...
Woah.
http://www.syscan.org/program.html
...I'd be willing to bet that most people run their computes with Admin accounts.
It's too much fo a hassle to deal with the "You can't do that, log out, log in as admin, do that, log out, log back in as yourself" for most people. Hell, I KNOW what the hazards are, but I sitll do it.
Saying "It's only insecure when you run as administrator" is like saying "It's only dangerous when you smoke the cigarettes". Of course it's only dangerous that way, but that's not stopping thousands of people from doing it.
This space for rent. Call 1-800-STEAK4U
Banned from DefCon just for having a little fun,
We brought a little Alpha there
Just a crew of four
But DefCon doesn't want us any more
I wonder why. .
OpenVMS was banned uninvited with quick rules change. Only those less secure operating systems need show up. Microsoft will always be welcome.
To be fair, the hack was possible only when the target is in administrator mode rather than a limited user account.
That will limit the damage to about 90% of Windows machines connected to the internet. And here I started thinking that MSFT security wouldn't be any better in Vista. Guess I was wrong.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
See Microsoft has realized that by having hackers attack Vista, new exploits can be found that can be quickly fixed. Microsoft can also get good publicity since there exist no serious exploits.
Microsoft wins no matter what!
Best post ever.
The Matrix reference was by the author of the malware.
Since the malware works by creating a virtual machine environment and effectively running the OS and its entire herd of applications within it, the Matrix reference seems entirely appropos. The Matrix is the closest match in popular fiction to the situation.
("True Names" and the Cyberspace/Cyberpunk stories are earlier. But the core premise of "The Matrix" is that the entities within it are normally unaware of this fact and don't normally have any way to determine that they ARE within a simulation.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Please report to your nearest LUG meeting location for reprogramming.
Though I'm not sure why you were modded troll; it's a valid point. Vista got "hacked" by running malicious code under Administrator privileges. Would anyone really be surprised if Linux got "hacked" by running malicious code under root privileges?
The same reason Microsoft doesn't try to get rid of security vulnerabities in MS-Dos and Windows 3.11. It's considered "don't-even-bother", as those computers just barely got a hard drive and adding user-accounts would massivly break 99% of existing applications.
BTW, OpenBSD didn't remove every security vulnerability either, as demonstrated by the new class of attack that was recently discovered. This would be the string format vulnerability.
Anyone can - it's merely a project "which aims at getting rid of all security vulnerabilities before shipping", as opposed to a project "which removes all security vulnerabilities before shipping." Bashing Microsoft because of this plan is no different than bashing OpenBSD.
Every user I've met that nows about administrator mode on Windows operates in it when they can. They shouldn't but they do. I do. Who then are you being fair to - Microsoft, or the hackers?
Why do you fault Microsoft for the actions of incompetent third-party developers? Yes, Microsoft is partly to blame, since all consumer Windows operating systems (prior to late-2001) did not support file privileges; however, Windows XP was released nearly five years ago, so programmers should have learned better practices. Blaming Windows for the sloppy practices of third-party developers is like blaming Unix because Sendmail & Apache run by default as root (which they both used to do).
---- "XML is like violence. If it doesn't fix the problem, you aren't using enough."
Red pill
Used to detect if it's being run in a virtual machine.
The revolution will not be televised... but it will have a page on Wikipedia
I only blame Microsoft for not using their heavy hand to do good. They are well known for using their economic leverage to control other aspects of the computing world, why not something simple that would make it better for everyone?
Lucy pulls out the football before the best trained field goal kicking Charlie Brown can get in a kick.
I was able to run an application with full control over the system! I just had to put sudo in front of it and provide the right password.
Like the time I hacked Steam, I just entered in my name, email, and credit card info and BAM instant online games baby!
Ditto on the blackhats keeping the best ones under their black hats. This genius ran a known hardware issue on a new OS, *as root* and it worked. Get this girl a cookie.
I hate to tell you this, but the hack to allow unsigned drivers had (and is) already been fixed in the latest Vista builds.
http://news.yahoo.com/s/zd/185371
-- "I never gave these stories much credence." - HAL 9000
I'd be embarrassed for anyone who thinks this is a hack. Yes. An admin can install software. No. You should not install stupid software. Lame.
This person must be the George Bush of hackers.
Blue Pill requires special hardware (AMD Pacifica). Linux on the same hardware whould have been compromised too.
Another windows-haters spin.
It's obviously C++ at fault, eh? ;p
'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
Oh man, a program that will let me run code in administrator mode... that would be sooooo sweet *cough*
Blessed are the 1337, for they shall pwn the earth.
After all these years, I really hope that Microsoft finally releases an OS that is comparable in security to it's competition. Hopefully however, these securities won't come at too much of a price as to what the user can do.
Klingon Software is not released, it escapes, inflicting terrible damage onto the enemy as it does
a 'security hole' in XP (2k3/2k/nt/98/95/3.1/ms-dos) has ever kept an MS product from FLYING off the shelf...
give the 'average user' all 5 (or six) of the latest, _easy to use_ *nux and happily he'll waddle his fat ass right up to bestbuy and have a copy of vista... llooongg before he ever figures out how to use crontab, configure the network or learn what a man page is; gladdly paying the $300? $400? for an MS os/office bundle. the 'average user' is a dumbass and no amount of security will fix that. remember, these are the people in the video professor commercials
"oh, my three year old knows more about computers than i do..." and no one who knows her is the least suprised.
when the release date draws near, I am buying MS stock...
Sure, let's ignore that Microsoft Windows XP still sets up new users with full admin rights on first setup. You're damn right I'm going to blame Windows for setting everyone up as admins in the first place, even in 2006 when they know better and should have fixed it in SP2.
"Sufferin' succotash."
The BIGGEST system engineering flaw (present and future) to Windows Vista is MSFT zeal to maintain backward compatibility as well as TOO SLOWY roll out the needed security features (Blue Pill or not).
Some of the problems immediately identified are:
1. Legacy applications' poor handling on privileges still poses a foot in the door to the Lord of the "Ring 0" land.
2. Lack of secured code training will continue to be plagued by newest Win-V applications
3. Temporary admin priv is a crock. No different than Unix's sudo or GUI admin popup dialog box.
The best course of action for our future well-being is to revert back to the antiquated but still effective DoD Orange Book Trusted Level B1 for trusted but verified deliverable operating system (commercial or open-source).
This means, signing drivers, ActiveX, COM, DLL and ALL system task (even the ones in system tray). The mere logistical and financial nightmare of managing the signing events will all but daunt the savviest sysadmin. For Open Source SW, a mechanism for self-signing open-source drivers (which would then only be tied to a specific machine) as well.
So, this isn't about Open Souce vs. Commercial software anymore.
The future computing battleground will be largely centered NOT between the FOSS and MSFT/OS-X BUT between the trusted-but-verified software and not.
Even without the efforts of third party developers it is basicly impossible to run windows with a limited user account--why in the world did Microsoft decide that not allowing people to add USB deviced in Windows XP Home was a good idea!?
This is about x64 driver signing. In Vista 64, drivers *cannot* run if they are not signed by a corporation who has paid the "VeriSign Tax" *. Even if the administrator requests it, they will not run. This is retarded "security", and it will keep being broken until Microsoft either gives up or forces everyone to have TPM bootup (more likely the latter).
/dev/hda) and overwrite the MBR, then call NtShutdownSystem to reboot. If you take away raw disk access to user mode, then you get more esoteric. Detect when a blank CD or DVD has been inserted. When the user requests to burn it, intercept the write request and burn something else instead. Act like a system crash and reboot after it's done. Most computers are configured by default to boot from CD first.
It infuriates developers, yet doesn't do anything for preventing rootkits, as Joanna has demonstrated. As long as user-mode programs have raw disk access, they will be able to attack whatever they want.
I have a feeling that Microsoft's response to this will be to lock out raw disk access to user mode regardless of privilege. Keep in mind that even SELinux does not do this. All disk utilities would have to be written as signed drivers. The problem here is that developers won't stand for it, and will make signed drivers that grant access again. Then the rootkits can just copy these signed drivers then use them to do the same thing.
Even if Microsoft encrypts the page file or removes the ability for the kernel to page itself out, raw disk access is still an issue. You can always open \Device\Harddisk0\Partition0 (NT's
The real reason for driver signing appears to be DRM. The easiest way to "crack" song DRM is to install a fake audio driver that logs to disk. With the DMCA, it's illegal to make such a driver, and with driver signing, it's impossible to do it anonymously. If you temporarily disable driver signing - which is possible if you press F8 each boot - Vista's Windows Media Player refuses to play protected songs. Gee I wonder why.
By the way, I thought of the same pagefile hack as Joanna on my own and posted it on my weblog in early June. I'm sure Joanna figured it out long before me though.
* There are other root certificate companies that are countersigned, but this is a well-known phrase.
Melissa
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
hole is a hole, but as written, you need system administrator account to exploit. So it's local root-only exploit. So could we say it's comparable to user that receives script like
#!/bin/sh
find / "*" -exec Rm -rf {} \;
in e-mail, and runs it as root? Nothing protects from user stupidity.
Informative
In theory, there's no difference between theory and practice; in practice there is.
Here is some real info on how the hack works, thanks to google:s p
http://www.eweek.com/article2/0,1895,1983037,00.a
Seems to me, lots of OSes will have a problem with this until they figure it out. Could it be a hardware security hole?
handing out 3000 copies of a beta version is nothing. wait until millions of morons are running vista to see how mukked up it can get. as soon as there's a "market" for the crooks, they'll start pumping out the nasties.
The exploit has nothing to do with Vista in particular. It seems to exploit the Pacifica virtualization extensions in the newer models of AMD to create an on-the-fly VM. Here is the original author's blog:
http://theinvisiblethings.blogspot.com/
Yup easy as pie. That amounts to what mr black hacker did with Vista.
...a ring-3 circus to me.
I'll get my coat.
Read all about it! Anonymous Coward is going to switch operating systems.
Deleted
Doesn't look like it:= 15864368
http://it.slashdot.org/comments.pl?sid=193364&cid
The point of the Blue Pill demonstration appears not to be that there's some security flaw in Vista, but that, if you can somehow get Administrator access to any x64-based system (i.e. not just Vista...) then you can switch that system from running directly on the host hardware to effectively running within a virtual-machine that looks identical to that hardware, but over which you have complete control. Nothing on the host OS has any way to detect that this has happened (except, I suspect, through performance monitoring, etc), so no virus checker can protect systems from it.
Since when do black hats report their work to their victims?
I mean... white hats do... grey hats might... but what kind of black hats would?
Admitting you like Windows? No wonder you are posting as Anonymous Coward!
You just have to figure out what it is that they do require. It varies, often it's as simple as write access to their program directory, sometimes it's write access to parts of the registry, etc. I deal with this fairly often since we run lots of oddball engineering apps in our labs, and there is no way peopel can have admin, period. It can be a pain to get shit to work, but I find that most of it CAN be made to work. Of course the programmers should be doing it, not me, but still, it can be done and if you are going to admin your setup properly you do it.
To debug programs using visual studio, you have to have an administratvie account, OR be part of the 'debuggers' group.
The reason for this is that an attacker can do serious harm with a debugger.
belonging to the debuggers groups does not give you any other privileges apart from being allowed to debug processes.
But of course, you were too lazy to find this out for yourself, or you knew but decided to troll.
There's a middle path between breaking legacy apps and running them in a VM. Vista virtualises access to the filesystem and registry so legacy apps think they're changing system settings but actually they're only writing to the per-user areas. Obviously that won't help Starforce run but that's an extreme case.
Well, this is wrong, but seriously, now. Didn't anyone do a GIS for her?
1 65482_64981000.jpg
http://www.spiz.ae.krakow.pl/uploaded_images/1123
I think we need a new security officer here....
I'm sorry for that. I know I'm part of the problem.
But do they walk with their feet a yard apart?
Why should third-party programmers learn better practices? They know that they can release software that doesn't work on limited accounts, and 99% of Windows users won't even notice, thanks to Microsoft's stupid defaults. The only reason they'll have to change is if MS changes the default so they'll HAVE to fix their software. I hope that will happen with Vista, but I'm afraid that will be the next improvment that Microsoft decides to drop.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Yep. Let the patching begin.....now.
I think it is a good thing that Microsoft invited hackers to try to attack the system before it is released. A lot of people are saying how the black-hats will get a head start and not tell anybody the bugs they find. However, these guys would have found the bugs in the future anyways, and would exploit them. If one hole is found and patched, the system is safer already. These type of exercises are conducted in cryptography too. Ex: RSA offered a reward for anybody who can decrypt some of their keys, their 200 decimial digit key was factored using parallel computers, but it was found that it would take 55 years on a normal computer to crack the key. It gave them a good idea about what size keys they need to protect information for long enough (i.e. long enough so your credit card expires before someone can decrypt your transaction and buy stuff with your card, etc). Here is an interesting article I read in a class about other systems failing: http://web.mit.edu/6.033/www/papers/wcf.pdf. Banks and ATM machine makers just tested their machines internally before putting the ATMs to use. What happened? People found ways to withdraw money from ATM machines from other accounts, people figured out how to crack pins, how to clone other ATM cards and accounts,... tons of hacks. And this was fairly recent, in the 1990s. Having one internal group to test the security is not enough. Inviting the whole world to test the security before release is much better. What would be best is if Microsoft offered some source code too (much like Linux), so the hackers can have complete information. That way most of the problems can be found and fixed beforehand. But that would never happen since they are corporation and their primary goal is to make money. But inviting attackers is a step in the right direction. What is unfortunate is the deadlines. The shareholders want it released so they can make some more money. The media is trying to make it sound like Microsoft programmers are incompetent. Security is a "negative" goal. It is easy to prove that a system can be broken, you just come up with one hack, one example. However, how do you prove that a system cannot be broken? You have to try every single possible attack. Prolem is you don't know what the attacks are. It takes time to make sure security is at an acceptable level before it is released.
So the black hats manage to penetrate Vista... from admin mode. You run any OS as root and the box is already owned. Actually, this might be a good sign for Vista. If this is all the black hats could come up with, wouldn't that put Vista among the most secure OS ever made? Of course, there's always the plausible deniability that the black hats just haven't published any of the REAL Vista exploits yet.
You have tried to support your argument with faulty reasoning! Go directly to jail; do not pass Go, do not collect $200!
There is an exchange in that movie "Pirates of Silcon Valley" near the end that
goes something like:
Jobs: But our operating system is better than yours.
Gates: It doesn't matter.
This exchange rings pretty true for Microsoft. You have enough monkeys out there
buying it even though it is horrible, so why waste the money trying to make it
work well?
Neither linux or the *BSD variety OS's are as user friendly as windows, so there
is really not a "free" substitute to windows for less than technical savvy. You
can argue that OS X is a substitute, but OS X is still only legally available for
hardware sold by Mac.
So if you have no competition, why waste R&D on making the perfect OS?
Trying so hard to not be like the other guy.
Instead of instituting a simple concept like Super-Users, we'll just train everyone to think that if you click "ok" enough times your computer will work. Excellent . . .
"By the time they had diminished from 50 to 8, the other dwarves began to suspect 'Hungry.'" -Gary Larson
"Doomsday device? Ah, now the ball's in Farnsworth's court! [Presses a button, revealing a vast and fearsome arsenal of doomsday weapons] I suppose I could part with one and still be feared..."
Slashdot: Where anecdotes and generalizations can be freely substituted for facts, logic, or intelligence
Sorry about this, but are you the rifftide from youtube? ;-)
I thought I was in love. But then I thought, she's gottuh be cool, but what fun is it to run around screwing stuff up all the time. I mean, real hackers build things.
I think I'll stick with Gadget Hackwrench, sigh.
Even if Vista is far more secure and much harder to hack, if it has the largest install base it will have the most vunerabilities.
No, no no no no! This is not true. There is absolutely no correlation between usage volume and the presence of vulnerabilities. None whatsoever. It is nonsensical to even imply that there would be. Code is written, compiled, and then run. No matter how many people run the individual binaries, the number of vulnerabilities in said code will not change.
There may be more profit and thus motivation to find them, but that has no impact on their existence.
However, I question that MS has more known vulnerabilities because "more people are trying". The counter is that old "given enough eyes all bugs are shallow" maxim. MS products may hav emore peolpe working against their binary distributions, but (popular) open source products have more people viewing the source of the bugs.
Lest I stray from my point, I'll reiterate and finish:
The number of users of individual programs has zero bearing on the number of defects and/or vulnerabilities in the code. If you think about it, saying that "more people use it" is why MS has more vulnerabilities/defects is essentially blaming the user for coder mistakes. Again, this is nonsense.
My Suburban burns less gasoline than your Prius.
Comment removed based on user account deletion
The poster could be a Black Hat posing as a Gray Hat, warning you off the Black Hats and the White Hats. Or, maybe it's a White Hat bait for Gray Hats - just to test them. Or, maybe it's reverse social engineering. He wants you to think you're being socially engineered by Gray Hats, but you're not, and you'll need someone to check them out. Sheesh. You know, it's impossible to know who's safe. You should probably just avoid anyone who knows anything about security.
Or, I might be a Black Hat.
Or, maybe the color of the hat is merely a function of the intensity of light shown on it.
Until you learn how to do Vulcan Mind Melds, you'd better SHUT OFF ALL YOUR COMPUTERS RIGHT NOW, UNPLUG THEM, AND LOCK THEM IN A CLOSET LINED WITH LEAD.
You don't want to endure a DOS attack do you?
Anyone who knows jack about operating systems, knows that Windows is the worst nightmare of an OS ever to manifest itself on this earth. No one in their right mind would use that crap.