Microsoft Admits XP Has Same Bug As Win2K
Arashtamere sends in a Computerworld story on a security flaw in the Windows 2000 pseudo-random number generator published by Israeli researchers earlier this month. Microsoft has now admitted that the flaw is present in XP too. Microsoft denies that the bug is a security vulnerability, since an attacker would have to have gained administrative access to a system before exploiting it. (The Israeli researchers point out that many common exploits provide admin access.) This stance apparently lets them off the hook for patching Win2K, which is in "extended support" mode, though it powers about 9% of US and EU business computers. Microsoft said that XP SP3, due in the first half of next year, will fix the bug. The company said that Vista, Windows Server 2003 SP2, and the new Windows Server 2008 are not vulnerable.
That's not what I think...
If you already have admin access via another "exploit", why would you bother attacking via random number generator? Seems like it's a lot of fuss over nothing. Windows has always been vulnerable locally (luckily for admins whose users forget passwords etc.), so the most worry is over a remote exploit, which this flaw isn't. But I am sure some million dollar company will sell a solution for this; paranoia is a great sales tool in the murky world of snake oil, cough, I mean computer security.
If you have admin access, the battle's already lost. What's the point of running a complex process to obtain their password when you have full access to everything on their computer? Might as well just drop in a keylogger and get the same info much easier.
Comment of the year
A reason to upgrade to Vista! ;)
Religion is regarded by the common people as true, by the wise as false, and by rulers as useful.
I post anonymously to avoid being dicked over by Slashdot groupthink retards.
If someone already has Administrator access to your computer, doesn't that mean you are already fucked?
Are you people really so stupid that you give a shit about this?
Happy Thanksgiving, retards.
If I were writing a crypto app for Windows, I'd use my own RNG, and use Windows's as one of the inputs, but not the definitive input. Perhaps have the user wiggle the mouse briefly in a screen to seed a random number pool in RAM, then mix that with other non-periodic sources.
I know TrueCrypt does this, where it uses its own RNG, and uses the OS's (be it Windows or Linux) as input, but not the RNG.
In any case, if an attacker had administrator access, having them guess the output of the RNG is the least of one's worries.
This article refers to this summary of this paper
I fail to see why you would need administrative privileges however. You would only need to run in the userspace of the process that did run the random number generator before. Having administrative privs would be nice to inject code into that userspace, but is not needed I think.
It can get even worse if from a public key part the random number that was used to generate it can be extracted, what was done in early ssl implementation attacks.
Has Microsoft officially stated that the bug is not present in Vista? Or will they "recently discover" that too.
Here is the original article on the ACM.
Very brief summary of article
Each process has their own instance of the generator, and the refresh of the internal state is done after 128 kbs of output from the generator (roughly 600-1200 SSL connections with IE). Not only that, it is run in the userspace so it is not a security violation to examine the internal state of the generator. The function used is not one-way, which provides a means of looking at past transactions of a user (within the 128 kbs of data).
Lack of planning on your part does not constitute an emergency on mine.
"The company said that Vista, Windows Server 2003 SP2, and the new Windows Server 2008 are not vulnerable."
I for one welcome our new random number generating overlords. But seriously, aside from the "we're exploiting this because we can" this is hardly a security liability. They already have administrator and there's not much left to be compromised.
Everything clever I considered putting here I got from other slashdot sigs.
Microsoft claims this is not a "security vulnerability" because the machine has to already have been cracked to exploit it.
That is not 100% correct.
It is still a "security vulnerability".
It just cannot be exploited to increase your access on that machine.
That we know of. Today. So the code still needs to be patched. Security is not an "either / or" situation. You have to reduce the effectiveness of threats.
While in general I think open-source and closed-source software can coexist, I think this is a pretty good example of why anything related to crypto should be open. All of public key cryptography relies on the secrecy of private keys, not on the secrecy of the algorithm itself. And while they might have faithfully implemented the algorithm, who knows what kinds of arguments/whatever to the crypto functions might cause undesired results -- it's just too hard to test.
In any case, the thing that surprised me most from the article was that Windows 2000 users would be left out in the cold: "Because the company has determined that the PRNG problem is not a security vulnerability, it is unlikely to provide a patch [for Win2K]." Wow. Especially when it's something this easy to fix. This bug also solves any attacker's problem of trying to sort valuable from non-valuable information, since presumably any valuable information (credit cards used online, etc) will use encryption. And while someone suggested that a program should use its own random number generator, there is a problem because, in general, your application (not running as Admin) shouldn't have access to nearly the same amount of entropy sources (like network activity, GUI inputs, etc).
--
Educational microcontroller kits for the digital generation -- great gift!
Not that I consider this flaw terribly serious unless it has the ability to compromise other encryption algos run on the machine aside from user passwords. I've never considered windows encryption secure, so never bothered with it. A person with admin rights could do what they wanted anyway as far as the system goes.
The real downside of W2K is that MS has given it the shaft for awhile, even when it wasn't in extended support they were still not supporting it very well for the last couple years as far as the add ons and other things that came out during that period. It's a shame too, W2K properly tuned is a very fast & light OS.
Maybe I'll buy up someone's old XP or Server 2003 license to run on the desktop to tide me over until they finally yank out enough of Vista to make it tolerable, its replacement comes out, or Linux finally learns to handle triple and quad displays properly.
Freedom is merely privilege extended unless enjoyed by one and all.
Thanks for the flashback to l0pht's old page....! For those who don't remember it before it got rolled into @stake:
"'That vulnerability is entirely theoretical.'-- Microsoft;L0pht, making the theoretical practical since 1992."
Don't tell me to get a life. I'm a gamer; I have LOTS of lives!
Who wants to bet that they'll "upgrade" to the elliptic curve algo with the NSA backdoor?
Microsoft Admits XP Has Same Bug As Win2K
More correctly, "Microsoft Admits XP has same bugs as Win2K."
The higher the technology, the sharper that two-edged sword.
>Microsoft said that XP SP3, due in the first half of next year, will fix the bug.
It should be an offence to know and state you know about a bug but sit on the fix for months. This is a really stupid MS position and will push people more towards alternatives like GNU/Linux.
It should be a hot fix right now.
or Linux finally learns to handle triple and quad displays properly.
I'd settle for two.
The higher the technology, the sharper that two-edged sword.
This is what happens when you keep polishing the same turd, and then passing it off as a new product every few years ....
Following this trend - Vista is about as popular as a turd floating in a punch bowl at a wedding
It's not the years, it's the mileage
Meanwhile, free/libre open-source unices like Linux and *BSD have been having a sound random generator that doesn't suck too much for, like, ages...
No, sorry, you can keep Vista for yourself.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Alright... so what all will this Service Pack entail besides the number generator fix? Will Mac Boot Camp users run into any problems with this update? I'm just curious if it affects anything seeing as Mac claims only Service Pack 2 can be installed on the Boot Camp partition.
Greg Loesch
http://greg.loeschfam.com
One concrete weakness of this attack is that it permits you to reverse-engineer "secure" sessions _before_ you got admin privilege, as the random number generator can be 'rewound'.
So-called forward security (yes, looking at things in the past is 'forward' :-) ) is an important trait, and MS's scheme is missing it.
Also FatPhil on SoylentNews, id 863
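Added example (not part of the thread, and not the Windows generator or the researchers' code): a toy pair of generators illustrating the forward-security point raised in the comments above, namely that a state update which can be run backwards exposes earlier output once the state is read, while a one-way update does not. The constants, class names and seeds are assumptions made up for the illustration.

```python
import hashlib

MOD = 1 << 64
A = 6364136223846793005      # odd, therefore invertible modulo 2**64
C = 1442695040888963407
A_INV = pow(A, -1, MOD)      # modular inverse (Python 3.8+)


def _h(tag: bytes, data: bytes) -> bytes:
    return hashlib.sha256(tag + data).digest()


class ReversibleGen:
    """Toy generator whose state update is a bijection that is easy to invert."""

    def __init__(self, seed: int):
        self.state = seed % MOD

    def next_block(self) -> bytes:
        block = _h(b"out", self.state.to_bytes(8, "big"))[:16]
        self.state = (self.state * A + C) % MOD
        return block


def rewind(state: int, steps: int) -> list:
    """Recompute the last `steps` blocks from a state read afterwards."""
    blocks = []
    for _ in range(steps):
        state = ((state - C) * A_INV) % MOD   # undo one state update
        blocks.append(_h(b"out", state.to_bytes(8, "big"))[:16])
    return blocks[::-1]


class RatchetGen:
    """Same interface, but the state is replaced by a hash of itself."""

    def __init__(self, seed: bytes):
        self.state = _h(b"init", seed)

    def next_block(self) -> bytes:
        block = _h(b"out", self.state)[:16]
        self.state = _h(b"next", self.state)   # one-way: no inverse to run
        return block


def demo() -> dict:
    weak = ReversibleGen(seed=0x1234_5678_9ABC_DEF0)   # constructed seed
    weak_out = [weak.next_block() for _ in range(5)]
    recovered = rewind(weak.state, 5)

    strong = RatchetGen(seed=b"constructed seed")
    strong_out = [strong.next_block() for _ in range(5)]
    # With only strong.state in hand, earlier states are SHA-256 preimages.
    return {
        "weak_past_recovered": recovered == weak_out,
        "strong_state_leaks_output": any(
            _h(b"out", strong.state)[:16] == b for b in strong_out),
    }


if __name__ == "__main__":
    print(demo())
```

A one-way update only helps if the previous state is also overwritten in memory; a generator that keeps old states around gives up the property again.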
Who wants to bet that they'll "upgrade" to the elliptic curve algo with the NSA backdoor?
No worries about whether or not it's even legal to fix a machine that I'm using to run my business.
Free Software: Like love, it grows best when given away.
...but I can't complain that XP has the same bug as Windows 2000 in this case-- if the researchers didn't find the problem and publish it before last month, it seems to be asking a little much to expect Microsoft to fix a bug nobody knew they had.
As to patching Windows 2000: They're going to patch XP, and if the bug is in both, chances are it's the same code. I believe they should at least look at it and see if a patch is going to be simple. That said, it'd have to be darned simple to be worth it: if you're running Windows 2000 still, I'm gonna go out on a limb and guess you're probably not all that interested in updating it, or you'd probably be running XP by now... Not releasing a patch won't affect many people at all, and for those people, they still had to get Admin rights cracked to begin with...
I'd settle for one working properly with all the features of my graphics card that I paid for. Granted, that's more ATI's fault than Linux's, but the end result is still a gimped laptop and an unhappy user. With all the progress that's been made in recent years there are still hardware configurations that Linux can't handle. And when "Sorry, this hardware isn't fully supported.", is the best advice the community can come up with, it's no wonder why Linux hasn't seen much widespread uptake as a desktop OS.
I just don't see how it's possible just from looking at the numbers themselves unless you're selecting from a pre-known selection of algorithms and comparing expected results with actual output from the generator given a specific seed. If you don't know the algo then you could be making educated guesses for literally years and still not work out the algorithm.
Knowing someone's password can be handy. Most folks use the same password on multiple machines or entire networks. Moreover they seldom change them.
Some drink at the fountain of knowledge. Others just gargle.
News about a legacy OS.
I have two monitors under Linux, works fine.
Some applications don't handle it as well as they should, but that's an application issue.
Do you know how much money Microsoft would pay to have its customers blame applications rather than the OS when problems arise?
I was told by MCE that "there must be at least one administrator".
I logged out and logged in as "Administrator" and tried to downgrade my normal userid.
I was told once again by MCE that "there must be at least one administrator". This while I was logged in as Administrator and the user I was trying to change was the one set up on first boot of an OEM version (NOT "Administrator")
With this in mind, what is wrong with the assertion that "an attacker would have to have gained administrative access to a system before exploiting it"?
And ye shall know the truth, and the truth shall make you free.
John 8:32 (King James Version)
Exactly. All the Linux fans do is make excuses for its shortcomings. "Linux can't run games" "It's not supposed to run games." Or the ubiquitous "It does run games, you can play WOW." etc, etc. They try to pass limitations off as selectiveness.
I also use Linux and have tried numerous distros; some work fine on my desktop but not my laptop. Some work on my laptop but give me no 3D acceleration and can't work with my wireless card. I finally ended up having to use Simply Mepis32 on my laptop, as it's the only distro that works completely with my laptop.
Is it safe to assume that XPP x64 is not affected? As I understand it, it's built off of server 2k3. I didn't rtfa, but any thoughts?
not only is time travel possible, it's irrelevant.
First lesson about cryptography: don't assume that the algorithm itself cannot be cracked, rely on keys or, in this case, in the non-availability of the state of the PRNG. And of course, don't think because C/C++ is compiled into machine code, that it cannot be reverse engineered. True enough, C# managed code/Java byte code is easier to reverse engineer, but only because it is a *higher level* machine code. The basics are more or less the same.
If I look at the algorithm used by M$, it seems that they made the same very basic mistake you are now making, and they should be *very* ashamed. Even 8 years ago keeping algorithms safe was just not done. That weird scheme of theirs seems to be very much geared towards obscurity, not security. That said, I have not looked deeply into the scheme, maybe it does something incredibly smart, but I would definitely not bet on that, not even if the odds were 10:1.
True. Then how come we do not put locks on all our rooms inside our house, lock our cabinets, lock our closets, TV, sound system, etc? Once a person breaks through your front door, you are toast. Maybe because it does not make sense and it adds to the complexity of a home, to the point that it cannot be managed anymore and your life becomes hell?
Is this news coming out now because Darth Gates wants more people to buy Vista or Windows 7 when it comes out? Everyone knows how weak security is locally on a Win Box but it seems like since Vista quickly turned into a brown bomber now they try to bash XP (The best Win OS so far). How bout instead of spending money to announce to the world the inherent weaknesses of Windows, spend the money to develop a better OS like so many Open Source Operating Systems.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
Flamebaits and trolls have nothing to do with truth! The moderation system is designed to accommodate opinions, and doesn't take sides on what's "truth" or not. Even if you strongly believe that something is true, that doesn't mean that everyone else will, but that also doesn't mean you deserve to be modded into oblivion. What truly earns you a Troll or Flamebait mod is how you present your view, and you took an overgeneralised pot-shot at Slashdot as a whole. That's a no-no, for future reference.
You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
CryptGenRandom is supposed to be the Windows-equivalent of /dev/urandom. Except it's not, because of this design flaw. The implications of this extend far beyond encrypted NTFS volumes.
For example, an attacker can passively monitor a network of Windows machines, wait for one of them to do something interesting (like connect via SSL to www.paypal.com), then actively compromise those selected machines later, and gain enough information to decrypt the captured SSL sessions.
Basically, if you encrypt something sensitive, before some spyware gets installed on your Windows machine---or after it's removed---the random data used for the encryption (including stuff like SSH session keys) is likely to be compromised (except perhaps in cases where you've rebooted or restarted the requisite processes in the meantime).
Do not underestimate the severity of this bug.
http://outcampaign.org/
Open source code. Easier to do research on it, easier to fix.
Whereas Windows has closed source, and you're pretty much stuck relying on Microsoft to provide fix (which they might not, hoping to use it as an argument to encourage shift toward Vista).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
All commercially available crypto in BIG TIME systems is always just snakeoil somehow spiked by NSA.
Or, get it for free from the IACR.
http://outcampaign.org/
It would be far more accurate to say that M$ claims that this is not a bug, because the latest version does not have it, i.e. it is an upgrade feature. How many other products would you accept this for, a defect in a motor vehicle? No recall because the latest version does not have that defect, you just have to trade in for the upgrade (M$ version of a trade in, it is more expensive than the original OEM).
Chaos - everything, everywhere, everywhen
So it's not an exploit because you already had to get administrator access in order to do it. Funny how they didn't use that logic when it came to implementing mandatory driver signing in Vista 64. A rootkit would already need to have administrator access to get loaded.
Thank you, Microsoft, for proving that you lied about the reason why you made driver signing mandatory.
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
[conspiracy]
I wonder if MS is purposefully leaving bugs in XP simply to encourage Vista sales? Or at least to counter all the negativity Vista has been copping. Why do we have to wait for SP3 for this fix, if not to allow more time for news to circulate that Vista is "more secure" than XP? I imagine MS is trying hard to make Vista seem more appealing than staying with XP.. not hard to imagine any large company using tactics like this with their products.
[/conspiracy]
Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
child resistant catches/high level bolts sure but locks?!
If you haven't taught your children to behave by the time a full lock and key is the only thing that will stop them then either your child has serious mental problems (which does happen sometimes but should be fairly rare) or you were a very bad parent.
note: I'm known as plugwash most places but I screwed up registering that here somehow in the past and now can't register
So I'm sure they've known about the bug all along, however it wasn't until someone said HEY IF WE SHARE IT NOW MORE PEOPLE WILL MOVE TO VISTA. Cute...
I've never seen someone milk Slashdot for so much free and undeserved publicity in such a short time as these guys. First they get all happy because they find an exploit in an eight year old operating system. Um, how about testing Vista, guys? Wow, you find an outdated exploit.
And now they ass cover their stupidity with some more stupidity. If someone has admin access already... why do they need the "flaw" these retards found? It's already game over: if someone wants to screw your computer over, they can just format the hard drive at that point.
And then they point to those mysterious "common exploits"... that old saw that somehow OSX and Teh Lunix, both of which have had security PR train wrecks this year due to their "obscurity" security model... as some kind of justification for how worthless their research really is.
Now these idiots can talk about how many headlines their piece of slashdot exploit grabbed. And in the grand scheme of things, they found nothing of worth, aside from giving the Shitslotters some more MS-hate speech.
Linux Kernel Random Number Generator Local DoS and Privilege Escalation Vulnerability: http://www.securityfocus.com/bid/25348
Vulnerable:
Ubuntu Ubuntu Linux 7.04 sparc
Ubuntu Ubuntu Linux 7.04 powerpc
Ubuntu Ubuntu Linux 7.04 i386
Ubuntu Ubuntu Linux 7.04 amd64
Ubuntu Ubuntu Linux 6.10 sparc
Ubuntu Ubuntu Linux 6.10 powerpc
Ubuntu Ubuntu Linux 6.10 i386
Ubuntu Ubuntu Linux 6.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Linux kernel 2.6.22 1
Linux kernel 2.6.22
Linux kernel 2.6.22
Linux kernel 2.6.21 4
Linux kernel 2.6.21 .7
Linux kernel 2.6.21 .6
Linux kernel 2.6.21 .2
Linux kernel 2.6.21 .1
Linux kernel 2.6.21
Linux kernel 2.6.21
Again, it's apparent that you haven't had kids yet. Either that, or your kids are morons.
Which is it?
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
You clearly do not understand the difference between vulnerabilities and exploits. Local vulnerabilities are worthless to a non-local attacker, but exploits are. Especially since MANY remote vulnerabilities are still in 0-day status. (I'd suggest the AC go to wikipedia to brush up on the terminology since they seem pretty clueless.)
Jeruvy