Slashdot Mirror
How Microsoft's Windows Red Team Keeps PCs Safe (wired.com)
Wired has a story on Windows' red team, which consists of a group of hackers (one of whom jailbroke Nintendo handhelds in a former life, another has more than one zero-day exploit to his name, and a third signed on just prior to the devastating Shadow Brokers leak), who are tasked with finding holes in the world's most used desktop operating system. From the story: The Windows red team didn't exist four years ago. That's around the time that David Weston, who currently leads the crew as principal security group manager for Windows, made his pitch for Microsoft to rethink how it handled the security of its marquee product. "Most of our hardening of the Windows operating system in previous generations was: Wait for a big attack to happen, or wait for someone to tell us about a new technique, and then spend some time trying to fix that," Weston says. "Obviously that's not ideal when the stakes are very high."
[...] Together, the red teamers spend their days attacking Windows. Every year, they develop a zero-day exploit to test their defensive blue-team counterparts. And when emergencies like Spectre or EternalBlue happen, they're among the first to get the call. Again, red teams aren't novel; companies that can afford them -- and that are aware they could be targeted -- tend to use them. If anything, it may come as a surprise that Microsoft hadn't sicced one on Windows until so recently. Microsoft as a company already had several other red teams in place by the time Weston built one for Windows, though those focused more on operational issues like unpatched machines. "Windows is still the central repository of malware and exploits. Practically, there's so much business done around the world on Windows. The attacker mentality is to get the biggest return on investment in what you develop in terms of code and exploits," says Aaron Lint, who regularly works with red teams in his role as chief scientist at application protection provider Arxan. "Windows is the obvious target."
[...] Together, the red teamers spend their days attacking Windows. Every year, they develop a zero-day exploit to test their defensive blue-team counterparts. And when emergencies like Spectre or EternalBlue happen, they're among the first to get the call. Again, red teams aren't novel; companies that can afford them -- and that are aware they could be targeted -- tend to use them. If anything, it may come as a surprise that Microsoft hadn't sicced one on Windows until so recently. Microsoft as a company already had several other red teams in place by the time Weston built one for Windows, though those focused more on operational issues like unpatched machines. "Windows is still the central repository of malware and exploits. Practically, there's so much business done around the world on Windows. The attacker mentality is to get the biggest return on investment in what you develop in terms of code and exploits," says Aaron Lint, who regularly works with red teams in his role as chief scientist at application protection provider Arxan. "Windows is the obvious target."
It's a good effort, but you can't bolt security on as an afterthought. It needs to be built into the core of the system, and every programmer needs to have it in mind, because any programmer can write a security hole.
"First they came for the slanderers and i said nothing."
Microsoft's solution to insecure code was to graft on a layer of insecure security code.
Their solution to every problem is to graft on a layer of code, instead of fixing the problem. Windows is mostly made of fossilized band-aids at this point, carved into the shape of an awkward semi-tablet OS.
HAAAA, nice one :]
The Microsoft cyber attack DW Documentary
The only way the blue team can beat the red team is to turn off their computers...
Nope, thanks to the Intel IME bullshit, not even turning off will help
Actually they started out with a fairly secure OS, Windows NT. It had Unix-like permissions and actually went well beyond what most Unix-like systems of the time did in terms of access control.
They they made it into a desktop OS (2000 and XP) which meant compromising the security in order to make it more compatible with Windows 98/ME. So they took a secure OS and added layers of insecurity on top.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC