Use Regmon and Filemon from sysinternals.com to discover which files/keys the program is trying to modify and is failing on. Then adjust the ACLs on those files/keys so that the Gamers group has write access.
One of the conditions for obtaining the "Designed for Windows XP" Logo is that the program must be capable of being run under a Limited user account. If MS's own software isn't capable of this then you ought to report it to them as a bug.
The situation with XP home which only has "Limited" and "Administrator" account types really does not help people adopt more secure working practices.
The situation ought to improve in future but at the moment it does not seem to be something that most developers test against.
Well, programs can still send messages to other programs; the software for my IR remote sends WM_Command messages to cause actions in my DVD software. But the difference is that it doesn't start the program executing arbitrary code. The WM_Timer basically told the program to jump to a pointer given in the message; most other callback messages can only start executing at a point predefined by that process.
A full solution is to make sure all the apps that present interfaces on the desktop only run at the same privilege level as the user. Microsoft may be guilty of breaking that rule themselves, but fixing it does not require a rewrite of the kernel.
AFAIK they made things like GDI and User32 run in kernel space for performance reasons, not changing the kernel executive itself. I'm not saying it was a good idea for stability but I don't think the kernel relies on those components being there.
No, at the moment you can't install NT on its own, though there are some programs that are written against NT rather than Win32. But the point is that whatever problems there are presently in Windows, the solution does not require rewriting everything from scratch.
Why can't Win32 be sandboxed? They put DOS apps into NTVDM, Win16 apps run in wowexec, why not run Win32 in a layer of its own? Mac did it with Classic.
It can't happen all at once, there's too much legacy stuff to support, but once a critical mass of WinFX apps exist Win32 can be relegated to just another subsystem.
The WM_Timer exploit was patched a long time ago. This is no longer an issue.
http://www.microsoft.com/technet/security/bulletin/MS02-071.asp
In any case Windows Messages are only part of Win32 and not part of the NT kernel.
NT was originally designed to be API independent; it was to support OS/2 and also POSIX APIs as well as Windows.
The various supported APIs are built as layers on top of the NT executive. Fixing or even replacing Win32 would not require rewriting the kernel.
With Longhorn the primary API for Windows is transitioning away from Win32 to the managed WinFX. This will provide much more code-level security and Windows Messages will no longer exist in their current form.
Win32 will of course still exist for compatibility but it will be increasingly sandboxed as WinFX based applications are created to replace their Win32 versions. Every application installed will be rated on trust, with unmanaged legacy apps automatically gaining a low trust score so the user is warned before running them.
Looks like they agree with your idea. Microsoft to reshuffle Windows Unit
Thank you.
Too many people here compare the security of *nix and Mac OS X to Windows 9x.
Unix isn't inherently more secure than NT; it's just some bad decisions by MS to put features and backwards compatibility above security defaults that make Windows less secure out of the box.
The idea that NT cannot be locked down as much as Unix due to design issues seems to perpetuate.
But you shouldn't compare the security of OS X with Windows 98/ME. Compare OS X with NT based systems and OS 9 with 9x. One generation was built with security in mind, the other wasn't. The issues with 2000/XP are generally out of the box configuration issues and not OS design. NT can be secure, it just takes a bit of work because the systems pre Server 2003 were shipped configured for compatibility rather than security.
There is a reason for keeping the DLLs in one place, and it's the reason for DLLs in the first place. When two processes request the same DLL the OS only loads it into physical memory once and maps it into each process's address space.
Virtually every program you run will be using user32, gdi etc., and the memory sharing reduces the memory requirements considerably. There is no reason for a DLL that only one process uses to be stored in the system folder, but programs tend to install files that might be shared by several processes and a lot of installers are not very careful how they do it.
Microsoft's solution to DLL hell with System File Protection does add another layer of bloat, but it also solves the problem of crappy old program installers overwriting critical system files. Microsoft's curse is the level of backwards compatibility it must maintain so that 5+ year old VB line of business apps go on working on each new version. The number of hacks that must be introduced just to keep poorly written programs running is probably the cause of many of the problems. XP Home could have better security if it didn't make every user an administrator, but how many people would complain if all their old apps and games stopped working?
With closed source software binary and environment compatibility is paramount.
The registry was an OK idea that turned out badly. It's a good idea to have a centralised way of storing/retrieving application settings, COM component registrations, file type associations etc.
It's a good idea to have this be a cached in memory hierarchical structure for fast access. It's not a good idea to have its backing store be a single binary file that continually expands and cannot easily be repaired if mistakes occur. It's not a good idea to let any program alter any other program's settings, or take over file types without permissions.
Things like gConf are the registry done right.
There's no reason not to store the actual settings in per application XML files that are parsed into a memory based structure for fast access and rewritten to the disk in human readable form on modification.
Do Mac users never send each other executables via email? Do they have to know how to chmod or does the email app read the file type extension and automatically set the execute permission where it thinks it is appropriate?
Do you have to start a program with sudo in order for it to request root access? Isn't there an API that any program can use to request root access temporarily in order to perform a certain action?
How often does a typical Mac user have to enter their admin password during a typical day? Might it not become an automatic action, see the dialog - type the password, without worrying about which application is requesting admin access or what it is intending to do? Most people already click OK on dialog boxes without reading them carefully.
A program doesn't need admin access to delete or corrupt all the user's files, or to open outgoing ports. A virus could still cause a lot of damage without needing root at all.
It seems people tend to trust attachments that pretend to be cool screensavers or OS patches, are all OS X users so much better educated that they would never run the program, or even perform a sequence of actions listed in the email?
A lot of Windows users can be persuaded to delete system files because an email hoax tells them they contain viruses. Would all OS X users never be fooled if the email also told them that they would need to enter their password before a file could be deleted?
I've never used it but I thought that AppleScript let you do pretty much the same sorts of things.
People are always saying how they can use AppleScript to wire up all sorts of events across applications.
Is AppleScript harder to write than VBScript?
Does AppleScript have more security protections built in?
Can AppleScript ask the user to enter their password and then perform restricted operations?
Can it write to the hard disc, can it script events in the email application?
Is there something that makes it more difficult to write malware for OS X? Or is it just that no one has bothered?
How many script kiddies use Macs anyway?
Why is it any harder to write an email worm for a Mac?
Send an executable attachment to the average Mac user.
"This is the latest security patch from Apple. Please install this on your Mac as soon as possible. You will need to enter your admin password during installation."
Sure it requires a password, but what makes Mac users more secure against social engineering?
Any user program can open an outgoing port and start forwarding itself to email addresses harvested from Mac-centric newsgroups.
What makes that virus any more difficult to write than the average Windows one?
Most viruses that exist don't exploit bugs or design flaws in the OS, they just use the published API to perform actions that the user did not intend.
It's in the "Administrative Tools" folder in Control Panel. You don't have to have Admin rights to access it. You don't have to add it to the start menu. Computer Management, Services, Event Viewer, Performance etc. All standard tools that users can access; some settings require admin rights, such as creating new user accounts.
But it lets them feel superior that they can have healthcare because they "work hard" and have a "good job", while the people who break their backs all day at Walmart or are mentally or physically disabled and actually need healthcare all the more, can't afford to have it.
Isn't capitalism wonderful?
I've encountered a couple of issues where a removable USB CD-ROM/DVD drive is not reinitialised when reattached to a Windows PC after having been used once and disconnected without rebooting the machine.
Device Manager shows the error code "Windows cannot load the device driver for this hardware because a previous instance of the device driver is still in memory. (Code 38)" The Knowledge Base solution to this problem is "Restart the computer" which is not very helpful.
In the first instance I traced the problem to an additional filter driver installed on the CD device by the CD burning software "B's Recorder Gold" made by BHA. Using the devmgr_show_nonpresent_devices trick I was able to uninstall this driver and the drive behaved normally again. A report to BHA's support department has resulted in no response.
The additional driver did allow me to rip MP3s from a so called "protected" audio CD, so it wasn't totally useless.
The second instance of the problem I found to be caused by Daemon Tools virtual CD software. This was harder to track down. When removing the CD drive the drive icon would disappear for a few seconds and then reappear even without the drive connected. Attempts to access the drive would result in error messages, but the drive itself would hang around.
I think Windows should tell you which of the several drivers it is trying to load for a device is causing the problem.
The removable storage architecture in Windows NT seems to be pretty complex. There are many layers at which problems can occur and it is difficult to find out where the issue lies. I would suspect the issue is just a misconfiguration somewhere rather than hardware damage or the actions of a virus.
These kinds of changes are being introduced with XP SP2. The core system components are being recompiled to support the non-execute memory flag. This flag is only present on AMD64 and IA64 systems, so will not be effective on existing x86 chips. Perhaps it will be included in Prescott?
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp
Also many system services are being run at a lower privilege level to reduce the surface exposed to attack.
These major changes are the reason why XP SP2 has been so delayed. I expect people will find it breaks quite a few existing applications.
Phoenix bought Award. Same company, same product.
Actually it should be "For all intents and purposes"
http://www.wsu.edu:8080/~brians/errors/intensive.html
What is going on with people these days? "Irregardless!" "I could care less!"
Where did the English language go?
Anything is better than Microsoft Sam
Do you value your DVD player above a human life?
By all means fire a warning shot into the air to let them know you are armed, but do you really believe it justifiable to kill someone to protect your personal property, which is probably insured anyway? I'm glad I don't live in your country.
I bet the spammers will just set up a distributed dictionary attack against the list. Encrypt every name, combination of up to 8 characters etc. and compare it with the encrypted list. As soon as they find an address that matches they can add it to their list of known good email addresses. What scheme will defeat that? Make everyone have non dictionary or name addresses that are over 12 characters long?
Too Late, it's already happened
I've been thinking that for a while.
The DMCA makes circumventing copyright protections illegal, no matter how simple the copy protection mechanism is.
The same should be true for spam filtering.
I ought to be able to set up a simple text filter, "Penis", "Viagra", "Nigeria", "Pharmacy", "Refinance" etc. ought to do it. Then any message that gets past, using some distortion of one of those words, e.g. "Order SUPER V.I,A.G,R.A now osklh dq", is automatically illegal, as it has circumvented my protection system.
I wouldn't have to worry about complex Bayesian filtering, or false positives.
If media companies can get such protection why can't individuals have it against spammers? Obviously the DMCA is not the right law, but something similar to it would actually be a benefit.
Anyway isn't it pretty stupid to use "V.I,A.G,R.A" instead of "Viagra" as a way to get around filters? Anyone who already has a filter set on that word obviously isn't interested in buying any anyway.
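The keyword filter from the post above, as an added example that is not part of the original post: the plain substring version beside one that normalises the message (compatibility decomposition, digit-for-letter substitutions, then stripping everything but letters) so the "V.I,A.G,R.A" spelling is caught. The sample messages and the substitution table are constructed for the demo.

```python
"""Added example, not from the original post: the post's simple keyword
filter next to a normalising version that catches punctuation-split and
digit-substituted spellings. Sample messages are constructed."""
import re
import unicodedata

# The filter words from the post ("Penis" omitted).
KEYWORDS = ["viagra", "nigeria", "pharmacy", "refinance"]


def naive_filter(text: str) -> list:
    """The post's filter: plain substring match on the raw text."""
    low = text.lower()
    return [k for k in KEYWORDS if k in low]


# Constructed table of common digit/symbol-for-letter substitutions.
LEET = str.maketrans({
    "0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "7": "t",
    "@": "a", "$": "s",
})


def normalise(text: str) -> str:
    """Fold full-width and accented characters to ASCII, undo digit
    substitutions, then drop everything that is not a letter so that
    "v.i,a.g,r.a" and "v i a g r a" both become "viagra"."""
    text = unicodedata.normalize("NFKD", text)
    text = "".join(c for c in text if not unicodedata.combining(c))
    text = text.lower().translate(LEET)
    return re.sub(r"[^a-z]+", "", text)


def normalised_filter(text: str) -> list:
    """Keyword match on the normalised text."""
    norm = normalise(text)
    return [k for k in KEYWORDS if k in norm]


SAMPLES = [  # constructed
    "Order SUPER V.I,A.G,R.A now osklh dq",
    "Ph4rm4cy d1sc0unts this week only",
    "ＶＩＡＧＲＡ at low prices",
    "We visited Nigeria last year, photos attached",
]


def compare(messages=SAMPLES) -> dict:
    """Which filter flags which constructed message."""
    return {m: (naive_filter(m), normalised_filter(m)) for m in messages}


if __name__ == "__main__":
    for msg, (naive, norm) in compare().items():
        print(f"{msg!r}: naive={naive} normalised={norm}")
```

Stripping word boundaries also means the last sample, an ordinary mail that mentions the country, is flagged just like the spam: the normalising filter closes the evasion the post complains about but does not remove the false-positive problem.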
The usual argument for intelligent design is that "There is no such thing as half an eye." That the eye is too complex to have evolved naturally. I tend to believe that the eye could have evolved over time, first as a patch of photosensitive skin, then perhaps a lump filled with fluid and on to the lens and the complexity we have today.
I don't know the whole story of this flagellum but I suspect a similar thing may have happened. Is it now also possible that a creature could have mutated drastically in a few generations as a result of being exposed to a DNA altering agent such as a virus?
No, it doesn't.
It doesn't allow DRM files to be played back without authorisation.
It doesn't record the audio stream as it plays (at least not in the way that the loopback driver things do).
Instead it allows you to save to your disc any songs that are shared on another user's iTunes.
This is still more convenient than using a file share because the other users' libraries are automatically detected and their databases can be indexed and searched much more quickly within iTunes itself.
It is also more secure than having an open file share, as iTunes only opens one port and does not allow files to be modified on the server.
No, the client included with Windows XP was called Windows Messenger. It included application sharing and was sans advertising.
Now they have released MSN Messenger 6 for consumers and Windows Messenger 5 for businesses.
Windows Messenger 5 continues to use the old interface style and now supports Exchange and SIP servers and the new Live Communication Server. It does not have the games and icon sharing bits of MSN messenger 6 but again it also does not have advertising.
"However, in addition to purchasing music, one can listen to any of the music shared by others on a network. So, for example, if another person on your network has iTunes and decides to share their music, you can listen to it. iTunes does not allow you to save this music to your hard drive."
In fact iTunes sharing is supposed to be "Personal use only", not shared with other people even on the same subnet. At least that's what it says when you enable sharing on iTunes for Windows. That's why you can also password protect your share.
It's clear that most people do allow others to see and play their music collection.
http://www.wired.com/news/mac/0,2125,61177,00.html
Now they will be able to download and store it as well.
I can only imagine campus networks will grind to a halt with all the increased network traffic.