Slashdot Mirror


Microsoft Releases Standards For Highly Secure Windows 10 Devices (bleepingcomputer.com)

An anonymous reader writes from a report via BleepingComputer: Yesterday, Microsoft released new standards that consumers should follow in order to have a highly secure Windows 10 device. These standards include the type of hardware that should be included with Windows 10 systems and the minimum firmware features. The hardware standards are broken up into 6 categories, which are minimum specs for processor generation, processor architecture, virtualization, trusted platform modules (TPM), platform boot verification, and RAM. Similarly, firmware features should support at least UEFI 2.4 or later, Secure Boot, Secure MOR 2 or later, and support the Windows UEFI Firmware Capsule Update specification.

19 of 173 comments

  1. Secure Windows is a phrase that doesn't feel right by iamacat · · Score: 3, Funny

    Like "President Trump". Or "First Post"

  2. Missing... by msauve · · Score: 3, Insightful

    Mysteriously (!?) missing are what IPs/DNS to block to keep MS from collecting info on you.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  3. Sure, but... by PhantomHarlock · · Score: 2

    The chances of it coming with a version of windows that doesn't send any data back home to mama are pretty much nil.

    It should be able to download security patches without sending any identifying information, tell you when it wants to do it, and be highly selective about what it does download from windows update servers.

    1. Re:Sure, but... by rtb61 · · Score: 3, Interesting

      The PR=B$ messaging secure for you, the corporate reality, secure from you. M$ securing your PC from you, compulsory software installs even firmware upgrades, that cannot be refused. Each and every log in to the server that controls your PC capable of altering all configurations to whatever M$ corporate demands and that includes, deleting files off your computer or even bricking your computer. M$ securing your computer from you and they mean it, fuck you, you install Windows, they own your computer and your digital life, learn to pay rent fuckers or else.

      --
      Chaos - everything, everywhere, everywhen
    2. Re:Sure, but... by hughankers · · Score: 4, Funny

      The chances of it coming with a version of windows that doesn't send any data back home to mama are pretty much nil.

      It should be able to download security patches without sending any identifying information, tell you when it wants to do it, and be highly selective about what it does download from windows update servers.

      But if my system isn't sending back any data, how will Microsoft know when to phone me and tell me when they've found viruses on my computer?

      It's so helpful when that nice foreign sounding gentleman calls me to help me get everything fixed up..... which reminds me.. I hope he rings again soon, after the last time, I don't seem to be able to log into my email or Bitcoin wallet :/

  4. Did anyone RTFA? by subanark · · Score: 2, Insightful

    Every post I see so far is the generic: see Windows in the title, bash Windows in comments. I mean I'm not sure anyone even read the summary, as all the comments could be made about any article about Windows. And this article doesn't have a lot to do with Windows, it's mostly about secure hardware.

    Yes, yes I know most of you hate Windows, if not Microsoft as a whole, but is it necessary to remind people of this every article?

    1. Re:Did anyone RTFA? by chipschap · · Score: 2

      Yes, yes I know most of you hate Windows, if not Microsoft as a whole, but is it necessary to remind people of this every article?

      I think that independent of hating/not hating MS/Windows, there is some real irony here that is worth recognizing. When MS publishes a detailed and quite serious specification about how to secure your computer, but ensures that, unless you take special steps, some of them highly technical (like blocking phone-home IP addresses at your router), they themselves have unfettered access to your computer.

    2. Re: Did anyone RTFA? by maeltor3138 · · Score: 4, Insightful

      I don't see a helluva lot of flamebait in the summary. MS releasing security standards that are legitimate is actual news and deserves legitimate consideration. The ridiculousness of the standard "M$=bad" bullshit responses doesn't help anyone or make things better for computing in general. Simply saying that (not saying you do, using "you" as a generalization) "you use Linux and everyone else should too" simply shows that you have no grounding in pragmatic reality.

    3. Re:Did anyone RTFA? by WaffleMonster · · Score: 5, Interesting

      Every post I see so far is the generic: see Windows in the title, bash Windows in comments.

      Fair enough.

      The processor architecture requirement is to have a 64-bit processor so that Windows can take advantage of VBS, or Virtualization-based security, which uses the Windows hypervisor.

      The idea of using hypervisors rather than operating systems for isolation is both sad and absolutely necessary. What should happen is the operating system should provide these services in a tractably verifiably secure manner. Since that seems to be practically impossible at the moment the hypervisor is the only game in town.

      Highly secured Windows 10 devices should support Intel VT-d, AMD-Vi, or ARM64 SMMUs in order to take advantage of Input-Output Memory Management Unit (IOMMU) device virtualization

      Not a chance in hell so long as Intel AMT exists. While I agree MMUs are necessary for security they are currently a massive enabler of insecurity.

      Another recommended component is a Trusted Platform Module, or TPM - a hardware module that is either integrated into a computer chipset or can be purchased as a separate module for supported motherboards that handles the secure generation of cryptographic keys, their storage, a secure random number generator, and hardware authentication.

      I don't like TPM because if it breaks everything it protects is gone and I neither need nor want my systems to be secured against physical access in a way that can't stand alone. (e.g. passphrase)

      In addition, Microsoft recommends platform boot verification, which is a feature that prevents the computer from loading a firmware that was not designed by the system manufacturer. This prevents attackers from uploading a malicious or compromised firmware to the computer.

      I have always hated the idea of using complex cryptography guarded by keys that are bound to be compromised with global repercussions. It's a massive house of cards that seems more and more likely to fail as the profit motive for its compromise increases.

      There is a much easier way to protect operating systems from persistent threats.

      1. Forbid all hardware from physically possessing any means of self-contained persistent field upgradability. All necessary firmware updates must be loaded during or after boot and they must not survive a reboot.

      2. Provide an option for a protected storage area the operating system boots from and is then hardware fused to read only prior to becoming available to the end user until next reboot when the process repeats.

      This has the following advantages over secure boot.

      1. Easier to implement.

      2. Future proof, no worries about protecting crypto from unforeseeable threats.

      3. Offers maximal flexibility since the OS gets to decide when to blow the fuse, it can trade safety for convenience per OS preferences and whims of the end user as allowed by OS.

      4. This is more secure because it does not depend on thousands of companies guarding secrets (encryption keys) that have a history of being stolen and prove difficult to practically recall. Also secure boot requires that all signed drivers that can be loaded remain secure against compromise... The attack surface is simply too big to practically address.

      5. System cannot be misused to deny owners of computing hardware access to load their own systems. Users always retain full control over what operating systems get loaded into the protected area.

  5. BusyBox/Linux by tepples · · Score: 4, Informative

    GNU tools are required to have a usable system

    How so? These reddit users find BusyBox/Linux usable. It's what you get when you replace glibc with uClibc, Newlib, or Bionic, and then drop Bash and Coreutils (GPL) in favor of BusyBox (also GPL, but not part of GNU).

    the need for the GNU Compiler Collection to compile the kernel

    Clang has been compiling Linux for seven years.

  6. Secure Windows? as in C3, maybe? by davecb · · Score: 2

    The old "orange book" standards defined four letter grades, just like in school. A was excellent, B was good, C was a comfortable pass and D was a bare pass. Windows struggled to make C with networking turned off.

    The standards have been replaced with easier ones, and this bundle of hardware might make D...

    --
    davecb@spamcop.net
  7. Re:Secure Windows is a phrase that means... by harvey the nerd · · Score: 4, Funny

    In most of the world, highly secure windows mean 1/2" to 3/4" steel bars...

  8. If Windows is proprietary it can't be secured. by jbn-o · · Score: 4, Informative

    Only free software (software the user is free to run, inspect, share, and modify) can be assessed for security, fixed or improved, shared (even commercially), and run at any time for any reason. Without software freedom you're not being treated ethically and you deserve full control over your computers.

    Nonfree software is never trustworthy, no matter how long you've run it, how much you're used to its interface, or how much you feel like you can trust it. You have no idea what nonfree software is doing when it runs, you have no permission to alter it, share it, or inspect it no matter how technical and willing you are to do these things. You might not even have permission to run it anytime you want for any reason.

    So there is no way to secure Windows 10 so long as Windows 10 is nonfree software. The same applies to any other nonfree software too. No amount of public relations changes how computers and software work.

    1. Re:If Windows is proprietary it can't be secured. by luis_a_espinal · · Score: 3, Insightful

      Only free software (software the user is free to run, inspect, share, and modify) can be assessed for security, fixed or improved, shared (even commercially), and run at any time for any reason. Without software freedom you're not being treated ethically and you deserve full control over your computers.

      Nonfree software is never trustworthy, no matter how long you've run it, how much you're used to its interface, or how much you feel like you can trust it. You have no idea what nonfree software is doing when it runs, you have no permission to alter it, share it, or inspect it no matter how technical and willing you are to do these things. You might not even have permission to run it anytime you want for any reason.

      So there is no way to secure Windows 10 so long as Windows 10 is nonfree software. The same applies to any other nonfree software too. No amount of public relations changes how computers and software work.

      There are so many counter examples to this claim, but why bother. A cult is a cult. All Hail the True Scotsman.

  9. Re:Secure Windows is a phrase that doesn't feel ri by Anonymous Coward · · Score: 4, Insightful

    This is not about security: this is about locking down the system to a vendor. It's right there in TFS:

    ...trusted platform modules (TPM), platform boot verification... UEFI 2.4 or later, Secure Boot, Secure MOR 2 or later, and support the Windows UEFI Firmware Capsule Update specification.

    Words like "trusted", "secure" etc in computer salesdroid-speak are like "people's" and "democratic" when they get shoe-horned into a country's name - they're a warning sign, a veneer to hide a darker truth.

  10. Re:Sponsored by NSA by Z00L00K · · Score: 4, Interesting

    Which raises the question "Secure for Whom?".

    If you want a secure system, look at OpenVMS.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  11. Re:Telemetry by fox171171 · · Score: 2

    Which of these new standards turns off Telemetry? Without that, Windows 10 can never be secure.

    You appear to not understand. They are talking about secure from the user. Is it simple to replace the OS, or is Windows secure?

  12. Re:Secure Windows is a phrase that doesn't feel ri by TheRaven64 · · Score: 4, Interesting

    Words like "trusted", "secure" etc in computer salesdroid-speak are like "people's" and "democratic" when they get shoe-horned into a country's name - they're a warning sign, a veneer to hide a darker truth.

    Trusted, as a technical term, means exactly what you'd expect from its use as a non-technical term: it is a thing which is expected to be correct and which can compromise (at least part of) the system if not. It is not the same as trustworthy. For example, the trusted computing base is the set of all things (microcode, bootloader, firmware, kernel, privileged daemons) that must be correct for the system to be secure. A system that uses a formally verified microkernel to provide isolation has a component that is both trusted and trustworthy.

    Secure in this context also means what you'd expect. A system supporting secure boot can only boot an OS (or, at least, a second-stage bootloader) that is signed by a trusted party. There's nothing stopping such a system from allowing you to provide your own public keys, and many do, but if malware corrupts your on-disk kernel image then the system will refuse to boot unless you've also installed the malware vendor's key.

    There's always a tension between user freedom and security, which goes right back to Stallman complaining about users on shared systems not being given the root password: was it better to allow users of the system to fix issues even at the expense of making all of their files wide open to every other user of the system? In the MIT AI lab, it was probably fine for everyone to have the root password, but it's not fine for everyone on the Internet to have my root password.

    --
    I am TheRaven on Soylent News
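As an added example (not part of the thread or of any commenter's post), a small Go model of the secure boot policy the comment above describes: the firmware holds a database of trusted public keys, boots only an image whose signature verifies under one of them, refuses an image that was corrupted on disk, and accepts the owner's own image once the owner enrolls their key. The image format, key names and payloads are constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SignedImage: constructed stand-in for an OS image (or second-stage
// bootloader) plus the publisher's Ed25519 signature over sha256(Payload).
type SignedImage struct {
	Payload   []byte
	Signature []byte
}

// Firmware models the platform key database: the keys the boot path is
// forced to rely on. "Trusted" means relied upon, not proven trustworthy.
type Firmware struct{ trustedKeys []ed25519.PublicKey }

// Enroll adds a key (the "provide your own public keys" path).
func (f *Firmware) Enroll(pk ed25519.PublicKey) { f.trustedKeys = append(f.trustedKeys, pk) }

// Boot accepts an image only if its signature verifies under some trusted
// key; a corrupted image or an unknown signer is refused, never repaired.
func (f *Firmware) Boot(img SignedImage) bool {
	digest := sha256.Sum256(img.Payload)
	for _, pk := range f.trustedKeys {
		if ed25519.Verify(pk, digest[:], img.Signature) {
			return true
		}
	}
	return false
}

// Publish signs a payload the way an OS vendor (or the owner) would.
func Publish(payload []byte, sk ed25519.PrivateKey) SignedImage {
	digest := sha256.Sum256(payload)
	return SignedImage{Payload: payload, Signature: ed25519.Sign(sk, digest[:])}
}

func main() {
	vendorPk, vendorSk, _ := ed25519.GenerateKey(rand.Reader)
	fw := &Firmware{}
	fw.Enroll(vendorPk)
	img := Publish([]byte("constructed kernel image v1"), vendorSk)
	fmt.Println("vendor-signed image boots:", fw.Boot(img)) // true
	img.Payload[0] ^= 0xff // simulate on-disk corruption of the kernel image
	fmt.Println("tampered image boots:", fw.Boot(img)) // false
}
```

The same check also shows the other half of the comment's point: an image signed with a key the firmware has not enrolled is refused exactly like a tampered one, whoever the signer is.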
  13. Re:Telemetry by jez9999 · · Score: 2

    Exactly. And forced reboots. Personally I think forced reboots is a security hole. It means I can lose my data without warning, something that used to be considered a bug in an operating system.