ATI Driver Flaw Exposes Vista Kernel to Attackers
Shack0ption writes "An unpatched flaw in an ATI driver was at the center of the mysterious Purple Pill proof-of-concept tool that exposed a way to maliciously tamper with the Windows Vista kernel. The utility, released by Alex Ionescu and yanked an hour later after the kernel developer realized that the ATI driver flaw was not yet patched, provided an easy way to load unsigned drivers onto Vista — effectively defeating the new anti-rootkit/anti-DRM mechanism built into Microsoft's newest operating system. Ionescu confirmed his tool was exploiting a vulnerability in an ATI driver — atidsmxx.sys, version 3.0.502.0 — to patch the kernel to turn off certain checks for signed drivers. This meant that a malicious rootkit author could essentially piggyback on ATI's legitimately signed driver to tamper with the Vista kernel."
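A defender-side check for the driver named in the story, as an added example that is not from the thread, from ATI or from Microsoft: it looks up atidsmxx.sys in the Service Control Manager's driver list and compares its file version with the 3.0.502.0 build the story cites. It assumes a Windows host with PowerShell 2.0 or later and WMI available, run from an elevated prompt; the function name and output fields are the example's own.

```powershell
# Added example (not from the thread, ATI or Microsoft): is atidsmxx.sys
# registered on this host, and is it the 3.0.502.0 build named in the story?
# Assumes Windows with PowerShell 2.0+ and WMI; run elevated so the driver
# file under system32\drivers is readable.
$KnownBadVersion = New-Object System.Version '3.0.502.0'   # version cited in the story

function Get-AtiDsmDriverStatus {
    # Win32_SystemDriver lists every kernel driver registered with the Service
    # Control Manager, running or not; match on the module file name.
    $drivers = Get-WmiObject -Class Win32_SystemDriver |
        Where-Object { $_.PathName -and ($_.PathName -imatch 'atidsmxx\.sys$') }

    if (-not $drivers) {
        return New-Object PSObject -Property @{
            Installed = $false; Running = $false; Path = $null; Version = $null
            Verdict   = 'not registered on this host'
        }
    }

    foreach ($d in $drivers) {
        # PathName may carry an NT-style prefix (\??\ or \SystemRoot\); turn it into a DOS path.
        $path = $d.PathName -replace '^\\\?\?\\', '' -replace '^\\SystemRoot\\', "$env:SystemRoot\"
        $info = (Get-Item -LiteralPath $path -ErrorAction Stop).VersionInfo

        # FileVersion as a string can carry build notes; build a [version] from the numeric parts.
        $ver = New-Object System.Version $info.FileMajorPart, $info.FileMinorPart,
                                         $info.FileBuildPart, $info.FilePrivatePart

        $verdict = if ($ver -eq $KnownBadVersion) {
            'matches the version reported as exploitable'
        } else {
            "version $ver present; confirm against the vendor's fix before trusting it"
        }

        New-Object PSObject -Property @{
            Installed = $true
            Running   = ($d.State -eq 'Running')
            Path      = $path
            Version   = $ver
            Verdict   = $verdict
        }
    }
}

# This reports what is registered on the host, not whether the host is immune:
# as noted further down the thread, an attacker already running as administrator
# can bring the signed driver along, so treat 'not registered' as information,
# not as a pass.
Get-AtiDsmDriverStatus | Format-List
```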
Ironic that ATI drivers are the first major downfall of Vista.
ok...
so windows vista trusts ATI.
ATI trusts themselves.
I don't trust no one, especially closed-source drivers from ATI.
shouldn't they simply replace their "fglrx" with "ati", in their xorg.conf?
Vista has an anti-DRM mechanism built-in? Wow, and I thought Linux stood for free software... way to go Redmond!
Where is that guy who'd die defending what I had to say when I need him?
"... effectively defeating the new anti-rootkit/anti-DRM mechanism built into Microsoft's newest operating system." Increased security and anti-DRM? I guess Microsoft is finally listening to what consumers want!
If each driver had its own separate space, this flaw wouldn't affect the rest of the system.
I wonder (obviously not a kernel developer here), would a micro kernel prevent these types of problems, where malicious code which normally wouldn't have permission to do things, attack a part of the kernel (video driver) which does and so gain permissions?
When hardware drivers are responsible for system integrity, all hope of safety is permanently lost. Introducing the new battleground for virus writers... fake patches:
YOUR VIDEO CARD NEEDS NEW DRIVERS: CLICK NEXT!!!!!
The dangers of knowledge trigger emotional distress in human beings.
FTFA, quoting a Symantec senior manager: "Basically, that ATI driver has functionality that allows you to read and write kernel memory. It's either a bug or a feature of the driver." I guess it's a feature to the bad guys. To everyone else, it's a bug.
hi troll.
See, MS said this wouldn't be an issue. Specifically this. Regardless whether ATI has an issue, the Vista kernel shouldn't sign something that can be modified, without the signature changing.
The fact that people are actually going to the lengths of breaking into Windows by using a legitimate driver with kernel access to load in rootkits...the fact that it even requires explaining, means that Windows has reached some type of real security. I mean, with Windows 98, you would just hit enter on the login dialog box, and there you were!
Hopefully I didn't put any [] around my words.
It starts here, with me. Microsoft is making driver devs jump through hoops with the whole signed-drivers thing when all it takes (as has been shown in this case) is ONE signed driver with ONE exploitable flaw to break the whole scheme.
What are Microsoft going to do now? Revoke the key they used to sign drivers with? How many copies of Vista which verify drivers with the now-revoked pubkey have already been sold? How many devices were sold in retail with drivers which will no longer JustWork(tm)? Will Microsoft and the OEMs have the resources to re-certify each of those, or will they sign blindly?
Each of those probably stands a 50-50 chance of being either rooted or patched with the new key the first time it's connected to the 'net. How's that for convenience?
Oh, did I mention that finding another bug in another driver signed with the new key will mean the whole process must be repeated?
Oh and did I mention that if someone finds such a bug and sits on it, they have root to any Vista system in existence, until the bug is found and fixed (which may be never)?
Something bad is coming when people are suddenly anxious to tell the truth.
Seems like the real concern is not that ATI's code opens a security hole. You know ATI will patch it. A more important question is, how many other securely-signed drivers, etc., have similar holes? How many drivers are there in a typical Windows Vista system, anyway?
At least Microsoft can say (with some truth) that it's not THEIR software which introduces the problem! (it actually is, of course, but not directly)
Yes.
n/t
I don't think you have any idea what you are talking about. Do you actually know what code-signing is and what it is used for?
A kernel-level driver can own a system? No shit!
(BTW, that's one of the reasons drivers need to be signed to run on Windows Vista x64.)
I'm interested in how you came to the conclusion that a machine hooked to the net has a 50-50 chance of being rooted by a local exploit. It seems extremely unlikely that 50% of the people who hook up to the net on an x64 box (tend to be technical folks on x64) are going to be all visiting malicious sites, and be tricked into running malicious code that they have to choose to run. Oh, wait - you just pulled those numbers out of... air? or something else with three letters?
Very quickly.
You must be new here, so I'll try and enlighten you.
You see, Microsoft is a lot like the smelly kid in 3rd grade that used to drop a load in his shorts and not say anything while everyone wandered around trying to figure out what died, where. After a few of these episodes, whenever there was a strange smell, it would come to pass that the smelly kid dropped another load.
Now, to make matters worse for the smelly kid, imagine him running around telling everyone that he has solved the problem*. People are relieved for a while until, guess what? The smelly kid drops another load. How can this happen, isn't this supposed to be fixed?
This insane cycle of disappointment/re-assurance causes people to get cynical very quickly and as a result, causes people to start complaining very quickly.
[*] - http://news.com.com/Allchin+Buy+Vista+for+the+sec
From the article:
For my part, I'm not going to play the blame game since I don't know better either way. I am, however, in some strange way comforted to see that Windows users are starting to have issues with ATI drivers, too.
All those years of trying to get fglrx to work, avenged!
So, is that what you call passive aggression?
weirdest thing I ever saw: scientology advertising on slashdot.
(BTW--I've been using Linux as my primary OS since 1996, so no I'm not Linux bashing)
Well, one thing to consider is this -- how different are other OSes like Linux? With Linux, a root exploit in a kernel module gains you access to the whole system as well, especially when you consider that it uses a monolithic kernel. IOW, kernel modules directly patch the Linux kernel, live, in memory. Now consider that the ATI drivers for Linux are based at least in part on the ATI drivers for Windows.
Mind you that some things like SELinux might help to mitigate some of this in some scenarios, but not in all.
Actually I'm amazed it took almost a year. I would've bet my annual income that something like this would surface before May.
Let's take a look at the inner workings of the system. Yes, MS has full access to the source code, so their drivers will probably not leak. They also have no "real" competition on the OS market (yes, there's Linux, there's MacOS, but what company would switch?). They can take their time to proof and perfect their drivers until you can be certain that they don't leak.
Do third party vendors have the source? No. Do they have tight schedules and competition breathing down their neck? You bet. Will they prefer performance or security? Well, what of those two is tested on pages like THG?
Worse yet, what if such a driver actually allows a user to "crack open" his system and use it as he pleases? Could you see people buy a cheap ATI card just for the purpose of disabling the DRM? I mean, there have been really, really crappy games for some consoles that sold surprisingly well, because they contained a bug that allowed disabling certain security measures. Save-game exploits were quite popular for a while.
Could you see that this "security" bug could actually be a selling argument FOR the hardware rather than against it?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
So the reason ATI is not giving us Linux users free drivers, is because they care about the security of our systems. Talk about irony!
Res publica non dominetur
In Other News
The fglrx module expects the registers related to Thread Local Storage to be in a certain state. If you mess around with it, you can cause a kernel crash. Try running winecfg from a wine version before 0.9.31 (wine >=0.9.31 includes a check for fglrx in TLS mode and aborts); it will crash the kernel with 100% repeatability. You can find details in the ATI and wine bugzillas.
I always wondered if this could be turned into a more dangerous security exploit. And now I wonder how much code is shared between fglrx and the Windows driver, as it seems it has similar bugs.
Each of those probably stands a 50-50 chance of being either rooted or patched with the new key the first time it's connected to the 'net.
It's a local exploit.
did I mention that finding another bug in another driver signed with the new key will mean the whole process must be repeated?
Third parties write crap, exploitable code and it's MS's fault? You can write exploitable kernel modules for Linux as well, yet somehow I don't think you'd be blaming that on Linus. If anything, this is an argument for open source drivers, not against MS's scheme - although how many people actually have the skill to audit the code they run, let alone auditing it?
did I mention that if someone finds such a bug and sits on it, they have root to any Vista system in existence
Every Vista install that uses the exploitable driver, you mean. Just as an exploitable driver for Linux would open every Linux install that uses that driver. For example, I have an NVidia card; as and when I upgrade to Vista, I won't be vulnerable to this particular exploit.
Try to tone the hyperbole down a little, it's not very becoming.
It's official. Most of you are morons.
At least Microsoft have a key to revoke. When this happens (probably just a matter of time, if it ain't already happened) on OSX, Linux, *BSD etc. you won't even get that unsigned driver warning.
But you'll also find that the Linux kid will also drop a "load in his shorts" if he's using a kernel module with a flaw that can be exploited.
It is impossible to prove that any piece of software is 100% bug free. Impossible. Regardless of your operating system, if you trust kernel-level drivers (you actually want to *do* something useful with your system?), chances are that somewhere there is an exploitable flaw. It's just that no-one may have found it yet. There is no such thing as a 100% secure system.
biopowered.co.uk - catalytically cracking triglycerides for home automotive use since 2008. Just say no to big oil!
And this is why I have used nVidia hardware since I upgraded from my Voodoo 3 3000. While ATI and nVidia may go back and forth in hardware performance, nVidia has much better driver support on Linux or Windows.
*Still rather upset That there is no linux acceleration driver for the ATI Rage Mobility in the original iBook, I would much rather run Linux on it than OS X or OS 9.
You say you want a revolution....
Are the unsigned drivers loaded with malicious intent going to sit around and wait for Vista to do what it wants to do next?
Off topic question:
Does anyone know how to run the Win XP command prompt in fullscreen mode on the main display and mirror it to a secondary display? Video output (on the mirror) always seems to die when command.exe is put into fullscreen mode. Does not seem to matter the make/model of video card or motherboard.
But it would only appear on the frontpage of /. after two or three days, once it has been fixed.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
Verisign just signs the driver author's certificate, and even then just to say "these guys are who they say they are, and they're doing code signing with the key matching this certificate". They most certainly say nothing at all about the correctness of the drivers; that's up to the driver author (and maybe Microsoft too).
"Little does he know, but there is no 'I' in 'Idiot'!"
If you're paranoid, you can build a kernel with all the drivers you need and disable module loading. It isn't something I would do but .......
Actually, Windows will accept only stuff signed by Microsoft itself, and they take a hefty chunk of change for the privilege. You also cannot choose to have a driver which Microsoft doesn't like signed -- so state-of-the-art professional sound processing tools are a no-no if they somehow can be used to record "premium content". Or if, say, the driver's authors somehow compete with MS.
VeriSign can sign only SSL certs and certain less-well-known types of keys for you.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
And it takes ONE patch to fix it.
Let's be real here. It's not like DRM'd music or media, where once it's cracked, there's no way to uncrack it.
the Linux kid will also drop a "load in his shorts"
No, he will dump a core in his shorts.
Yeah, I know. I've been using Linux really since the very early days of Slackware (just not as a primary OS), so I remember before there were such things as kernel modules. ;)
This is exactly why the OpenBSD folks have been fighting against binary blobs and demanding open source drivers for hardware. Too many other open source OS's will gladly take a closed binary blob so that they can run hardware. And that leads to possible exploits down the road.
Oops, I guess not....
Because WPF is largely written in managed code on the common language runtime, it never ran in kernel mode. There are elements of WPF (called the MIL) that are written in unmanaged code, but that code also largely runs (and always has run) in user mode. Insofar as WPF needs to touch kernel mode stuff (e.g., drivers), it interacts with them through the existing DirectX APIs. The user mode and kernel mode aspects of the WPF architecture haven't changed.
http://arstechnica.com/news.ars/post/20051216-578
So what did Microsoft gain with the Vista GDI changes?
Every Vista install that uses the exploitable driver, you mean. Just as an exploitable driver for Linux would open every Linux install that uses that driver. For example, I have an NVidia card; as and when I upgrade to Vista, I won't be vulnerable to this particular exploit.
Errr... Are you sure? The bad guy can bring the ATI driver with him, and load it on your system. The key question is whether it will stay loaded long enough for the exploit to work even if the hardware is not present. At Blackhat this year, a bunch of similar exploits in Vista drivers were described, and at least some of them (possibly all) did not need their specialized hardware to load and stay loaded on the box.
Also, please note that getting your own signing key is not difficult or expensive ( $1000 ) and then you can sign any old chunk of malware that you like. Of course, you might want to make it do something useful as well so as to give yourself plausible deniability if it gets detected.
Intel has been supporting open source drivers for their video hardware for quite some time now. I suppose the hardware isn't nearly as sexy as that from nVidia or ATI, but it is an option.
Laws do not persuade just because they threaten. --Seneca
n/t
which needs more than "n/t" since apparently this needs to be more original as someone has used the same comment before.
I'm not going to blame Microsoft. I'm going to blame the various countries' legislators for not passing a law demanding that driver Source Code be published as a condition of approval of hardware for sale.
If there were such a law on the books, many vulnerabilities would be flushed out. The closedness is at the very root of the problems, and the only way to solve them for good is to enforce Source Code availability.
(I don't buy your "Let the Free Market Decide" bleatings. I can see where you're coming from, but you have to realise there is no free market in the computer hardware sector anymore, just a cartel of vendors who use various dirty tricks to prevent competition from outside. In this situation, only Government can make a difference.)
Je fume. Tu fumes. Nous fûmes!
News like this only reminds me why I've stopped buying ATI video cards ... their drivers have always sucked big dead bison balls.
Do I need to say why Microsoft likes signed drivers? Do I need to say why Linus likes to break out-of-kernel-tree drivers? Both reasons are equally idiotic, btw.
Now, seriously, what's "purple pill"?
Extreme Programming - Redundant Array of Inexpensive Developers
Your troll-fu is weak, Daniel-san. Only when you can praise Jon Katz will you be ready.
How long before a signing tool comes out?
This whole business of "signing" is ridiculous. It's no safer than the current model. Perhaps even less safe, as it gives both the OS programmers and the end-users a false sense of security. "You can trust a signed driver."
No, you can't.
The only way I can see to make a truly safe system is to run each driver in its own VM, and create a virtual network between the drivers and the core OS. Each user-end program would also run in its own VM, and IPC would occur via the system network, rather than direct system calls. Each IPC message would have to have a signature for types of input (data type, string length, etc) and a common, well-audited message dispatcher would have to validate each message for conformance.
This is microkernel architecture on steroids, meaning it's big and slow and dumb, but solid. Even then, a single security flaw in the VM system would compromise the entire system.
Microsoft is to software what Budweiser is to beer.
Malicious to whom? This systems seems designed more to prevent the installation of kernel-mode drivers that would allow the circumvention of things like DRM. I guess it could stop the installation of rootkits too, but there are other ways to stop them. It's funny (to me at least) that there are things that Windows can stop even an Administrator from doing on their own machine.
What are Microsoft going to do now? Revoke the key they used to sign drivers with?
They could just blacklist the ATI driver in question. Of course that alone would probably cause a LOT of customer upset.
note: I'm known as plugwash most places but I screwed up registering that here somehow in the past and now can't register
Yes, but you'll understand why I'm unwilling to give Microsoft the benefit of the doubt, or another chance.
Why is MS allowing 3rd party drivers in the kernel in the first place?
...and just when you thought Vista was secure, somebody finds some way to break in...
1. It is important to use the correct names for things. The word "terrorist" is a subset of "criminal". My working definition of 'terrorist', which can doubtless be improved on, is: one who uses violence to create terror or panic within a populace in order to achieve political ends. Without the political component, a terrorist is simply a criminal guilty of assault, murder, theft, etc. and should be caught and prosecuted accordingly. By using this term incorrectly, you are just as guilty of spreading FUD as the U.S. government. While this may be an effective way to get attention, it is alarmist, unethical, and immoral.
By expanding the meaning of the term, the government has been able to greatly expand its power at the expense of its citizens. It certainly is important to catch and prosecute cyber-criminals, but discuss it rationally and pass appropriate, targeted laws to deal with the problem. More importantly, enforce the ones that already exist.
2. In most cases, a non-anonymous network would probably be fine, as long as encryption was used to keep data private. Unfortunately, we live in a world where, in some places, using encryption will get you tossed in jail, regardless of the content. In other words, it can be important to hide not only what you sent, but the fact that you sent it. A concrete example would be blogging in China. Given recent events with the NSA, I wouldn't be surprised if the U.S. government starts to take a more active role in discouraging personal strong encryption. How do we solve that problem?
3. Guantanamo is one of the worst violations of human rights in recent history. Even the basest criminals are entitled to due process. That's what makes our system justice and not revenge. The United States is NOT the world police. There is a process to be followed to enforce change in other countries. The lack of serious international backing is part of our problem in Iraq. The U.S., despite being the last world superpower, does not have the resources to fight every battle and prosecute every crime that other countries won't deal with.
You are right that we need effective computer crime laws and effective enforcement of them. The way to do it is to lobby other countries for this and establish treaties with them. Use diplomacy and sanctions where necessary. It isn't impossible; if we can get intellectual property laws perverted across the globe, surely we can expend the effort needed to reach cyber-criminals where ever they choose to hide.
4. The government is supposed to work for us, but it needs watching. One of the most important lessons of modern history is that we have to be active and mistrustful of government, in order for it to function correctly. The Bay of Pigs was the first warning and the Watergate scandal made this manifest. The Iraq war, NSA wiretapping, and the PATRIOT Act are examples of what happens when we fail to perform our role of government watchdog. I'm not going to trust the government on who the bad guys are. I want the FBI, the CIA, Interpol, etc. to gather evidence and arrest criminals and bring them before the appropriate judicial authority and prove their case before the public.
You are correct that this is a serious international problem and needs serious international intervention, but it also has to be done right.
"Seems like the real concern is not that ATI's code opens a security hole. You know ATI will patch it."
That's a really naive attitude. I think Bruce Schneier put it best: "Once you stop thinking about security backward, you immediately understand why the current software security paradigm of patching doesn't make us any more secure. If vulnerabilities are so common, finding a few doesn't materially reduce the quantity remaining. A system with 100 patched vulnerabilities isn't more secure than a system with 10, nor is it less secure. A patched buffer overflow doesn't mean that there's one less way attackers can get into your system; it means that your design process was so lousy that it permitted buffer overflows, and there are probably thousands more lurking in your code."
I say to ATI: your Kung Fu is lousy. This would also be why I haven't (on purpose) purchased an ATI card in years, and also why I continue to be disappointed with some of Apple's hardware choices. At least Apple manages the ATI drivers themselves, but if you wanted to use BootCamp (...). We know ATI does software as well as Microsoft does hardware (how many Xbox 360s are dead?); why do people continue to buy their snake-oil and bullshit?
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
What is this "our" crap? Not everyone uses Windows. Windows is defective by design. You do not need to defend against malware if your operating system is already designed from the ground up to prevent methods of bad behavior known in computer science for decades. Windows Vista is just a hack on top of all the prior Microsoft Windows releases, while Microsoft Windows itself is just a hack on top of the profoundly insecure and stunningly badly-coded DOS.
You cannot build a decent building if your foundation is rotten.
Microsoft is guilty of profound negligence in its operating system/Office suite monopoly.
But when you have that much money it is easy to buy off the judges.
Yeah, but someone would have to be an idiot to use it (and a rather hapless one too if you can get them through the install process). All the drivers in the main kernel have been worked on by kernel devs, so they are actually responsible for the code. The ones that aren't in the kernel are either:
It's not Microsoft's fault that third parties write bad drivers. It is Microsoft's fault that they rely on third parties to write the drivers in the first place.
For the longest time I thought that all ATI drivers sucked equally on all platforms. But I guess they suck even more on Windows than they do on Linux.
A few months back (after over 12 years with Linux) I finally took the plunge and went Linux-only on my main home PC. I went with Ubuntu 7.04 simply for the basic completeness and fair stability. There are some of the same glaring issues that have plagued Linux since 12 years ago which is so damn frustrating I can't even begin to explain it, there are still some big unification/usability flaws, but the one thing I don't miss at all? Shit like this. A video driver opening a hole that I can't see or close that could cause my computer to be wrecked.
The iron is as hot as it has ever been for Linux, I just wish one distro would come out with something truly amazing and awe-inspiring in the next round of releases to capitalize on the current attitude towards Windows. From what I've seen the big players are just continuing on with incremental upgrades, little to no art or polish, and nothing really newsworthy... I'm just hoping someone has a big ace in their sleeve. Maybe Redhat, PCLOS is growing fast, and my personal darkhorse that I've been pulling for: PC-BSD and their PBI packages, amazing! If only Ubuntu or someone would get something similar.
Sheesh
A terrorist is someone who causes harm in order to achieve an end. Viruses do cause harm - economic harm. They subvert law enforcement because they hide in countries that sanction those attacks. Thus, stopping the terrorist requires some form of violent action, as that nation who hosts those attacks uses the implicit violence of its sovereignty to hide him.
Gitmo is not one of the "worst abuses in history" as you claim. I would suggest that you research topics from the Holocaust, before you make such an absurdly alarmist claim.
Doing it right, means not listening to a word that you say.
Sure, there's a generic video display driver.. similar to what Windows has, but if you want any sort of performance out of that card you're going to need the card makers to write a proper driver for it. This is no different on Linux or Windows boxes.
My God... has logical reasoning gone completely out of the window???
This is why Linux will never become successful on the desktop.
"Yeah, but someone would have to be an idiot to use it"
Brilliant. Let's all assume that end users have a degree in Computer Science. I guess I have to agree, people are idiots if they use a device driver from a device driver developer, duh!
"Binary drivers which have always been a Bad Thin[g]"
Sure, because every company in the world believes in open source (in fantasy land). The fact is that some device drivers are binary and it is all you got. The alternative is to dual boot to Windows, which also has a binary device driver for said device but since it is Windows we don't care about its integrity. Oh wait! That is what people still do to this day. They dual boot because Windows just happens to provide that one little thing Linux can't. D'oh!
"It is Microsoft's fault that they rely on third parties to write the drivers in the first place."
WTF?? Where do I begin? I don't fully understand this sentence. Ummm, YEAH Microsoft has to rely on third parties to write the drivers. The third party is the one who invented the device, you idiot. What? Is Microsoft going to write device drivers for all hardware companies now? How does that work? How much of the device's design has to be submitted to Microsoft so that they can write the driver. How is intellectual property protected? Are you insane?
Next you'll be writing how it's Microsoft's fault for relying on third parties for providing software for their platform. If the next version of Adobe Photoshop contained a nasty exploit are we going to say "well it's Microsoft's fault for relying on Adobe for writing image editing software in the first place."
Umm, Microsoft DIDN'T sign the code, ATI DID. The drivers AREN'T WHQL verified... Who's the asshole now?
Please cite a source for this FUD.
Or read this: http://www.microsoft.com/whdc/winlogo/drvsign/kms
You *can* buy a software publishing certificate from VeriSign and you *can* use it to sign a driver which you *can* load in Vista.
// MD_Update(&m,buf,j);
This is a graphics driver. It can tell the graphics card to issue DMA bulk transfer requests. Bye-bye memory protection.
Considering the lousy reviews, it seems that Windows Vista is indeed "just a hack" on top of XP.
But it is no longer correct that it is a hack based on DOS. Parallel to Windows 9x, Microsoft introduced the Windows NT line. Windows 2000, XP and Vista are based on that.
In a direct comparison of Windows 2000 to Windows 98 (yes I've used both), Windows 2000 is a lot more stable, especially when confronted with bad applications. It is not perfect but definitely good enough for desktop use.
I'm using XP only occasionally, but it seems OK as well.
Vista - cough - no thanks. The reviews and personal accounts I've read are reason enough not to even try it. And the quality is only half of it; the EULA is even more unacceptable. Even if I strongly suspect it would be unenforceable in my country, I'd rather avoid getting anywhere near it.
C - the footgun of programming languages
Please correct me if I'm wrong, but if a driver's flaw opens a hole to the operating system's kernel, shouldn't we say the flaw is actually in the operating system?
Where we have strong emotions, we're liable to fool ourselves. -- Carl Sagan Sh!fty
Um yes.
They've made the offer, including agreeing to NDAs. http://www.kroah.com/log/2007/01/29/#free_drivers
My God... has logical reasoning gone completely out of the window???
That has to be the gayest line I've ever seen on Slashdot.
"I've got more toys than Teruhisa Kitahara."
I think Microsoft's main consideration with driver signing is stability, not security.
It is a lot easier and more reliable to test a driver for stability than it is to test it for security. There is so much crap hardware with flaky drivers floating around which causes stability problems that Windows has an undeservedly bad reputation for stability. Everyone blames Microsoft when they see a BSOD, but in many cases they should be blaming the manufacturer of their $10 SATA adapter.
I'm posting this from an Ubuntu box, so I'm no MS apologist. But Windows' reputation for being unstable is greatly exaggerated. Signed drivers may help correct this particular market perception.
So will Microsoft lobby Verisign to revoke ATI's certificate, and add the ATI driver to Windows Defender's malware list now that this hack to circumvent the DRM on HD video is out there in the wild?
Then, sir, you're easily amused.
An OS's kernel needs access to stuff not even an admin should touch. Direct low level access to hardware, some special CPU ops, direct memory management, CPU scheduling, etc.
_Should_ never touch and _can_ never touch are two very different things. But, since you bring it up, I _can_ touch all of those things on my machine if I wanted to. Many Linux users, and especially admins, _do_ touch those things on a fairly regular basis to get the best performance possible out of their system.
But let's say for the sake of argument you are right, what media file you can play, when, where, and how, shouldn't be something an OS kernel should be limiting. An OS's kernel should not be in the business of policing copyright, should it?
But then at least you could patch the source.
In fact, I recall a while back there was a bug and/or exploit found in the binary Nvidia driver for Linux. I remember the Slashdot article about it was tagged "haha..."
You mean, "local" as in how long does it take a trojan to trick a user into installing a local rootkit?
Microsoft's problem is stupid administrators. What would you do if you had a stupid administrator of your system?
I'd fire them.
Heck, that solution is even cross-platform!
Nvidia's drivers have turned to crap, especially for Vista. Their 8800 series is still full of bugs (alt-tab in and out of games much?) and they almost had a class action lawsuit because of their deceptive marketing. Talk about a botched launch... They've gone from having the best set of unified graphics drivers available to a company who many users feel can't be trusted to support the hardware they are selling. I've pimped Nvidia for years as the GPUs to buy because of their formerly solid drivers; now ATI/AMD is by many accounts a better choice for Vista users and stability.
Both companies trade places for who has the best GPU or driver in any given time period, and right now Nvidia is just not cutting it.
PS: if you want to use Linux but you're a gamer, dual-boot or buy a console. Complaining about ATI's Linux drivers is problem #4,239 for why Linux doesn't make a great desktop for most people; don't expect that to change anytime soon.
Depends on who lines the pockets of the developers, I guess... Fundamentally, no, an OS should only perform the functions of being able to utilize your hardware to the fullest extent (any way you want) in an efficient manner.
Jul 30 21:08:00 linux kernel: nvidia: module license 'NVIDIA' taints kernel.
Alex Ionescu knows a thing or two about the workings of Windows. He was an active dev on the ReactOS team reverse engineering Windows until he got a job offer he couldn't refuse. He was probably studying the inner workings of Vista when he found this; I believe he's not a security hacker.
;)
He has a bit of a problem being a team player though; there is more than one discussion that ended in a flamewar. Although I think the ReactOS team hated to lose his skills, few people miss his people skills...
On a personal note, I hope everything goes well, Alex Ionescu. This was not meant as a personal attack; keep breathing.
You can press F8 to select "disable driver signing verification" (or you can modify the BCD's startup switches for Vista to enable that option all the time). Also, if you can attach a kernel debugger, it turns off verification automatically.
In either case, once you have code in kernel mode all that remains is to suss out where the DRM system detects debug mode (to disable high-def playback) and override that protection. Essentially your kernel-mode code patches the kernel to erase its tracks.
I suspect this route would prove much easier than trying to exploit driver weaknesses; alternately just run Vista in a VM and do whatever you like. If they add VM detection code just patch it in memory to bypass the detection.
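The comment above describes three persistent ways to weaken kernel-mode code signing on a Vista-era box: test signing, disabling integrity checks, and enabling a kernel debugger. Each of those, unlike the one-time F8 menu choice, leaves a trace in the boot configuration data. The script below is an added example, not code from the thread or from Microsoft: it runs `bcdedit /enum` on the current boot entry and flags the `testsigning`, `nointegritychecks`, `debug` and `bootdebug` elements if they are turned on. It assumes an elevated Windows PowerShell session with `bcdedit.exe` on the path; the F8 one-shot bypass is not visible this way.

```powershell
# Added example (not from the original thread): audit the boot entry for the
# persistent switches that relax kernel-mode code signing on Vista and later.
# Assumes an elevated shell (bcdedit needs admin) and bcdedit.exe on PATH.
# Element names are the real BCD names printed by "bcdedit /enum".

function Get-BcdIntegrityState {
    param([string]$Entry = '{current}')

    $raw = & bcdedit.exe /enum $Entry 2>&1
    if ($LASTEXITCODE -ne 0) { throw "bcdedit failed: $raw" }

    # bcdedit prints "name<spaces>value" rows; collect them into a hashtable.
    $settings = @{}
    foreach ($line in $raw) {
        if ("$line" -match '^\s*(\S+)\s+(.+?)\s*$') {
            $settings[$Matches[1].ToLower()] = $Matches[2]
        }
    }

    # An absent element means the default, which is off for all four booleans.
    foreach ($opt in 'testsigning', 'nointegritychecks', 'debug', 'bootdebug') {
        $val = if ($settings.ContainsKey($opt)) { $settings[$opt] } else { 'No (default)' }
        [pscustomobject]@{
            Option   = $opt
            Value    = $val
            Weakened = [bool]($val -match '^(Yes|On)$')
        }
    }
}

$state = Get-BcdIntegrityState
$state | Format-Table -AutoSize
if ($state | Where-Object Weakened) {
    Write-Warning 'Kernel-mode code signing is weakened on this boot entry; unsigned drivers can load.'
}
```

`nointegritychecks` was honoured by Vista RTM and later ignored, so on a newer system only `testsigning` and the debugger switches matter; the check is still worth running because malware that wants to load an unsigned driver tends to flip one of them and reboot.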
Whether Windows Vista graphics drivers run in kernel mode? I've heard it both ways, and I'd like to hear for sure from someone who has actually written drivers for Vista.
Except when you consider that you can just package the driver with your malware and issue a command to load it. In some cases, you can get a driver to load well enough even when the victim computer doesn't have that device.
This ATI flaw is only locally exploitable and requires administrative privileges.
This ATI flaw requires administrative privileges... In Linux it's possible to replace the whole kernel with a single command line, because the Linux kernel has no code protection mechanism. Linux has worse protection than Vista.
How different are other OSes like Linux?
Very. The driver source is open. If you load a proprietary binary module, you (a) taint the kernel (which is not "Linux" anymore), and (b) it's your own decision. The Ubuntu "restricted drivers manager" (don't know about other distros) even tells you that there are security issues.
Here's the article: Root Exploit For NVIDIA Closed-Source Linux Driver
There is a reference to Nelson Muntz: As Nelson Muntz would say: "Ha ha".
Windows Logo Program (for hardware) != signed drivers.
All drivers shipped as part of the Windows Logo Program are signed, but not all signed drivers are part of the Windows Logo Program.
And there are levels of testing in the Logo program, as well, some more rigorous than others.
Well actually, I think it would work the other way around. The people who write NVIDIA drivers should be kernel devs. Whether they work for NVIDIA or not is a secondary issue.
That's how things have worked with Linux from the start, and it hasn't stopped them from writing high performance code.
Oops. Who gave ATI the signing key?
Uh, actually, in cases like this, Microsoft requests that the CA who issued the Software Publishing Certificate revoke it. As you well know, certificate publishers publish a list (known as a Certificate Revocation List) which most things that rely on crypto signatures check prior to validating a certificate. The downside of that is that all ATI software for all operating systems become uncertified. If it's WHQL, that's easier. Microsoft merely adds ATI's certificate to their own CRL and the Win64 version of the driver no longer loads, and the Win32 one complains.
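The comment above hinges on certificate revocation: once the CA revokes the publisher certificate, anything that checks the CRL stops trusting the driver. The script below is an added example, not code from the thread or from Microsoft or ATI, showing how that check looks from user mode on Windows: it reads the Authenticode signature of a `.sys` file with `Get-AuthenticodeSignature`, then builds the signer's certificate chain with online revocation checking enabled and reports whether any certificate in the chain is revoked. The driver path is an assumption for illustration (atidsmxx.sys is the file named in the story); the kernel's own load-time code signing policy is separate from this user-mode check, so treat the result as a signal, not as what the loader will decide.

```powershell
# Added example (not from the original thread): does a driver's Authenticode
# signer still validate, including the CRL/OCSP lookup the comment describes?
# Assumes Windows PowerShell and network access to the CA's CRL distribution point.
# The path passed at the bottom is an assumption; any .sys file works.

function Test-DriverSignature {
    param([Parameter(Mandatory)][string]$Path)

    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid' -or -not $sig.SignerCertificate) {
        return [pscustomobject]@{
            Path = $Path; Signer = $null; SignatureStatus = $sig.Status
            ChainBuilt = $false; Revoked = $false; RevocationUnknown = $false
            Detail = 'no valid Authenticode signature'
        }
    }

    # Build the chain ourselves so the revocation behaviour is explicit:
    # Online = fetch CRL/OCSP now, EntireChain = check every certificate, not just the leaf.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode        = 'Online'
    $chain.ChainPolicy.RevocationFlag        = 'EntireChain'
    $chain.ChainPolicy.UrlRetrievalTimeout   = [TimeSpan]::FromSeconds(15)
    $built = $chain.Build($sig.SignerCertificate)

    # Flatten the X509ChainStatusFlags to text; "Revoked" is the verdict we care about.
    $status = ($chain.ChainStatus | ForEach-Object { $_.Status.ToString() }) -join ', '

    [pscustomobject]@{
        Path              = $Path
        Signer            = $sig.SignerCertificate.Subject
        SignatureStatus   = $sig.Status
        ChainBuilt        = $built
        Revoked           = [bool]($status -match '\bRevoked\b')
        RevocationUnknown = [bool]($status -match 'RevocationStatusUnknown|OfflineRevocation')
        Detail            = if ($status) { $status } else { 'chain OK' }
    }
}

# Usage: the driver named in the story; the location is assumed for illustration.
Test-DriverSignature -Path "$env:SystemRoot\System32\drivers\atidsmxx.sys" | Format-List
```

Two readings to keep apart: `Revoked` is the CRL hit the comment is about, and is the only field that should fail a driver outright; `RevocationUnknown` means the CRL could not be fetched (offline box, blocked CDP) and needs a retry rather than a verdict. Old, timestamped drivers will also show `NotTimeValid` because the signer certificate has since expired, which Authenticode tolerates when the signature carries a timestamp, so do not mistake that for revocation.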
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".