Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Companies Tussle With MS Security Center

Posted by ryuzaki0 on from the antitrust-redux dept.

hey0you0guy writes, "The large security firms such as Symantec and McAfee want Microsoft to allow them to replace Microsoft's Windows Security Center. Microsoft is refusing these requests. 'By imposing the Windows Security Center on all Windows users, Microsoft is defining a template through which everybody looks at security,' Bruce McCorkendale, a chief engineer at Symantec, said in an interview. 'How do we trust that Microsoft knows what all the important things about security are to warn users about?' Given Microsoft's past, with vast piles of security flaws and patches, they should at least cooperate with these companies. A dispute still exists over PatchGuard, a security feature that Microsoft says is designed to guard core parts of the 64-bit version of Vista, but which critics say locks out helpful software from security rivals."

5 of 225 comments (clear)

  1. "Security Center" is doublespeak by Weaselmancer · · Score: 2, Interesting

    And that's why MS will never allow other companies to replace it. It seems to say "this makes the user more secure" but it actually says "this makes US more secure". Notice how that is the vector that allowed Microsoft Genuine Advantage onto all the XP machines. Which is also doublespeak - there is no advantage to the user, only to MS.

    If these guys think MS will simply hand over the keys to that much control, they're nuts.

    --
    Weaselmancer
    rediculous.
  2. Re:It's Microsoft... by king-manic · · Score: 2, Interesting

    I don't agree a media player or a web browser but I do beleive security should be part of the kernel.

    --
    "There are more things in heaven and earth, Horatio, than are dreamt of in your philosophy."
  3. Re:Silly question by Shadow99_1 · · Score: 3, Interesting

    This is the very same thought I had...

    Even if they only give the method to approved companies... What's to stop some nut job programmer for Mcafee or Symantec creating a piece fo code that only disables WSC and letting/allowing/or causing writers of malicous code that same ability... I doubt theyed be able to track such a thing back to a single programmer working for either company and I can imagine some large slices of change from places that want to write malicous code for such an ability...

    Also wants there is a way to turn it off (without user intervention), then what stops someone from accidentally stumbling across it?

    --
    we are all invisible unless we choose otherwise
  4. ReactOS developer said it best by Anonymous Coward · · Score: 1, Interesting

    AV Companies: Learn to CODE!
    This guy probably knows more about Windows' guts that anyone outside Microsoft.

  5. Re:Bad track records all around by Foolhardy · · Score: 2, Interesting
    LOL... The print spooler in NT 4 through 2000 SP4 was moved into Ring0, which allows bad print drivers and malformed jobs to at least, BSOD the system, or worst case, execute arbitrary code... That's secure!
    First, the print spooler runs in the Spooler service hosted by the user-mode spoolsv.exe process. I agree that having printer drivers running in kernel mode is ugly, but only NT4 required such an arrangement. It was done because printers are just another type of display device that has to talk to GDI, and as you noted, GDI moved to the kernel mode win32k.sys in NT4. NT3 had the GDI server in user mode, and 2000 supports "version 3" printer drivers that run in user mode.
    They also moved GDI into the kernel in NT4 which allows crappy video drivers to BSOD the system. Though this provided a good performance improvement, it still does compromise security for performance!
    Compare NT3's user mode Win32 server (winsrv.dll in csrss.exe) and NT4+'s kernel mode Win32 server (win32k.sys) to a standard X-Windows on UNIX:
    • Killing the server ends the life of all client processes in all three cases.
      1. Since all meaningful processes in Windows are Win32 clients (the Win32 server provides more services than just the GUI), this puts the OS into a fairly useless state in the NT3x case.
      2. In NT4+, the kernel bugchecks, terminating all current activity.
      3. With X-Windows, all of the user's GUI apps die. For a workstation, this likely represents everything important.
    • The server is highly privileged because it has to access the graphics hardware.
      1. In NT3, csrss runs with the SYSTEM token, effectively granting total control over the computer; if the Win32 server is compromised, so is the machine.
      2. Since win32k.sys runs in kernel mode, compromising it also grants full control over the machine.
      3. X-Windows normally runs as root (without resorting to slow wrappers), and so do many window managers. Compromising these also compromises the entire machine. Even if X doesn't run as root, it's likely that unfixable privilege escilations exist due to the control over the video hardware and memory mapping that the X process has.
        X can be somewhat safer with some extra work and overhead.
    The issues you've brought up are comparatively minor implementation choices compared to the design of the authorization and authentication systems.