Slashdot Mirror
Windows 10 Will Have Screen Recording Tool
Mark Wilson writes: Windows 10 has not even been released yet, but that's a perfect reason to start unearthing a few secrets. Over the coming weeks and months there will undoubtedly be an endless stream of tips, tricks, and tweaks to try out, but how's this for starters? Windows 10 has a secret screen recording tool that can be used to capture on-screen activity as a video file. Taking a static screenshot is very simple. You can either hit the Print Screen key, use the Snipping Tool, or turn to one of the countless screen capture tools out there — many of which are free. When it comes to capturing video, however, it's something of a different story. Before you splash out on a dedicated tool such as Camtasia, you might want to try out Windows 10's hidden tool. It's designed for gamers really, but anyone can use it. The Game bar is a toolbar which Microsoft meant for gamers to use to capture screenshots of their high scores, as well as video footage of their gaming skills. Despite the name, it is not limited to use within games
in10 looks like a real joy.. Mandated Updates No MediaCenter Now this Screen Recording Tool
Microsoft has long had RDC, and they could read anything important you were doing with your PC (not direct GPU access) anyway if you had it open and you assume they had a back door into it. You're always in the position of having to trust the maker of your OS, unless it's you.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
That's a fair point, but it's also true that as someone reasonably careful about security I have had far, far more downtime over the years due to bad Windows updates than I ever have due to intrusions.
The compulsory updates alone make Windows 10 a non-starter for me, even if I saw anything else that might make me want to upgrade. :-(
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
The paranoia is amazing
Considering the exploit record of Microsoft Windows, I'd say his paranoia is quite justified.
.
Indeed, if only Microsoft were as paranoid about people exploiting vulnerability vectors into Windows.......
Welcome to June 2009 you mean.
Welcome to March 2009 https://technet.microsoft.com/...
there's gullibility, where someone trusts people they shouldn't
there's shrewdness, where someone will intelligently verify someone before gradually trusting them
then there's a sort of toxic level of distrust which is not intelligent and is just as hobbling to your life as gullibility. even though those with toxic levels of distrust see themselves as somehow more intelligent than the cluelessly naive and gullible, they aren't really, they are the same level of foolishness which is unintelligent and ruins your life
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
So your saying the built in screen recording tool is not the perfect app for use with the NSA back door.
What NSA backdoor? Billions of systems use Windows (including government ones) and still nobody can actually identify this supposed "backdoor" in the product. The same crap was being pandered to the tinfoil hat crowd back in the late 90s and they lapped it up, then came the NT4.0 (and 2000) sourcecode leaks and lo and behold no backdoor to be found.
The problem remains in the number of attack vectors Windows has always had, in fact one could venture to say that Windows is the most powerful Trojan horse ever created and with a market share that has always been a high value target. The NSA wouldn't have to work too hard to bug windows itself let alone the driver level if tommy 10 y/o script kiddy can work it like warm butter.
The paranoia is amazing
Considering the exploit record of Microsoft Windows, I'd say his paranoia is quite justified.
.
Indeed, if only Microsoft were as paranoid about people exploiting vulnerability vectors into Windows.......
As unpopular as my post is going to get on such an anti MS and pro Linux site I have to say MS really did do a good job after the security Memo from 2004 starting with Vista in terms of security. I would rank it as one of the most secure operating systems behind OpenBSD and MVS as number 3.
Modern Windows has all the apis go through ACL to prevent bypasses that explains UAC prompts in Vista. It also now randomizes data in the ram to prevent injections via ASLR. It has a signed bootloader to prevent rootkits. It can now accurately separate storage vs execution data to prevent buffer overflows. It has kernel level sandboxing with low-rights mode which Chrome and IE use for default which severely limit FS and services access. Windows Server can be powershell only which can limit 90% of the exploits with GDI and excess services that no longer need to be patched and so on.
All the exploits you read are from Adobe and Java which due to XP compatibility can't use modern features such as low-rights mode due to people not wanting to change.
I am not saying it is an amazing OS but it is not WIndows 98 anymore where pointers and crashes were all over and all you had to do was put your code in a ram address where a known pointer would look and BAM 0wned!
http://saveie6.com/
Isn't that something? It should be easy enough to check for, yet buffer overflows are still very common.
Microsoft came up with an API to handle buffer overflows that take buffer descriptors [that have base/end/length] instead of mere pointers (e.g. memcpy --> memcpy_safe).
But, trying to retrofit that over a code base of tens of millions of lines of code isn't easy and has it's own set of problems for QA'ing the result. For example, suppose you do a retrofit for certain code sections, do a full QA. You may break every system in the world because your QA suite missed something. With Win10, hopefully, automatic rollback on recent changes will be part of the newer "continuous update" model. With that, the risk of adding some additional checking will be smaller, so MS will be encouraged to do more code review and cleanup.
Further, WinX, by architectural design and needless complexity, has many more avenues of attack than Unix/Linux/*BSD POSIX systems. Buffer overflow is but one, and it's the easiest to spot in a code review.
Case in point: Stuxnet
Before getting to the centrifuge controllers, stuxnet had to penetrate windows. It did so by putting attack code in a printer font. The WinX print spooler [inside the kernel] executed code in user space memory from ring 0. This is bad design for two reasons:
(1) putting a print spooler in the kernel at all [on all other above systems, the spooler is just a utility].
(2) Executing any code from user space memory by the kernel running at ring 0 [This is architecturally impossible by the other OSes]
This is [very old] legacy code from the MS/DOS days when there was no supervisor/user mode distinction [on an 8086]. In other words, they never bothered to change this in 20+ years. Contrast this to the fact that most Unixes back then used mc68000's which came out at the same time and did have supervisor/user modes baked into the hardware. None of the POSIX based systems have any way at all for the kernel to do what WinX was doing [the calldown to user space].
Like a good neighbor, fsck is there
The US Constitution and Bill of Rights do not come into play outside of US sovereign territory.
It does not come into play much inside the US territory, either, if the last few years of leaks and news are any indication.
... is also a "tad bit obvious", as every system reporting tool will gladly show you that your screen recording software is chewing up resources for no apparent reason. If the NSA wanted in to your machine they'd use a backdoor or exploit to gain access, then install their own software which you'd not recognise.