Slashdot Mirror
64-Bit Vista Kernel Will Be a "Black Box"
ryanskev writes with news from RSA Europe, where a Microsoft VP spoke bluntly about the lock-down that will apply to 64-bit Vista. From the article: "Microsoft will operate 64-bit versions of Windows Vista as a tabernacle, with the kernel as the holy of holies, where only its own high priests of security may venture." While Microsoft has seemed to be making some concessions to the likes of Symantec and McAfee, considerable doubt remains as to their ultimate future.
Microsoft executive clarifies recent market confusion about Vista Security
The only way to run kernel code is drivers, 32 bit drivers are currently only sometimes signed. ALL 64 bit drivers must be signed, or they won't be loaded. This is why there is a distinction between 32 bit and 64 bit Vista.
The main reasons they aren't implementing the same thing in 32-bit Windows is because of "limitations of the 32-bit architecture" that apparently don't let them do what they want, and since a lot of programs already patch the syscall table in 32-bit windows, it'd break compatibility with a lot of software to change it now. Binary compatibility for drivers that patch the syscall table on 64-bit Windows isn't an issue because 64-bit Windows for AMD64 has always prevented syscall patching. They figure that the 32->64 bit change is big enough to pile on some more changes, like this.
This has more to do with system stability than it does for security. Many syscall interceptors are not multiproc safe or do bad things: if the computer bluescreens because of a poorly written syscall interceptor, Microsoft gets blamed for writing unstable software. The syscall interface is considered an internal interface, not to be tampered with by outside parties because its behavior has subtleties not documented, and could change. This is a technical enforcement of that policy.