"Kindly"? Are you serious? There was nothing "kind" about it. It's anti-Android PR for Microsoft. Why the hell do you think Microsoft was involved with looking into it in the first place? The goodness of their hearts? Puh-leeeeeze.
What do you think of IE vulnerabilities found by Googlers?
http://www.google.com/about/ap...
> At least under Linux, device classes with user-mode drivers include printers (CUPS), scanners (SANE), video (X), and even installable file systems (FUSE).
Imagine that, most of this is also running in user-mode in Windows.
Would it have been so hard for them to deprecate the registry interface by making it look like a folder to the command line?
The registry actually looks like a folder to the PowerShell command line, since about Vista/Win2008 Server times.
As of Vista there is no such thing as Media Center edition.
> And if your system dies? When you get a new one call Nintendo's customer support, give them your old serial number and then give them your new serial number and Nintendo transfers everything you've purchased to your new console. Then everything you've purchased is available to download.
And this is better than Xbox 360 how?
Vista already does what you just described for registry and file access. It is enabled on per-app basis though.
It is about as possible to access the entire registry from any application as it is to access the entire filesystem from any application. The registry has ACLs, and if you do not run as an admin, there are lots of registry keys which you cannot change and some which you cannot even read.
Pass me some of the stuff you are smoking please...
ASLR and DEP are defense-in-depth technologies. They make exploiting buffer overruns much harder, but you have to have a buffer overrun in the first place. It is definitely not a 'game over'. And the rest of the article, talking about .NET and IE and some mysterious 'memory objects', sounds like complete bullshit made up by a technology-ignorant journalist.
> I mean, it sure looks like employees outnumber the actual guests there, and I suspect the guests are Microsoft contractors or employees of Microsoft Gold Partners that were forced to go by their boss.
There are no "actual guests" here. It is strictly MS full-time employee only. Nobody forces anyone to attend.
What users are you talking about? This is a conference internal to Microsoft, with speakers invited (mostly) from the Black Hat conference. It is limited to full-time employees ("blue badges") hence - BlueHat.
Dude, it was already fixed and the fix was released on April 8. RTFA.
Actually it went like this, see the bold below
$DUDE finds vulnerability in $PRODUCT made by $VENDOR.
$DUDE claims this is really serious and should be fixed at once.
(optional) $DUDE does the Right Thing and tells $VENDOR about it so they can fix it before he goes public.
$DUDE finds vulnerability in $PRODUCT made by $VENDOR.
$DUDE claims this is really serious and should be fixed at once.
(optional) $DUDE does the Right Thing and tells $VENDOR about it so they can fix it before he goes public.
$VENDOR fixes the vulnerability and publishes the fix as IMPORTANT security update
$VENDOR replies in public blog that $DUDE's claims are overblown.
Flamewar on /. because nobody RTFA, lots of page hits, lots of ad revenue, PROFIT!!
> * Of course, it's not really meaningful to talk about a language protecting you from SQL injections; it's the database library that decides whether to send SQL to the database or not. I'm talking about the most popular libraries here (e.g. Perl's DBI).
And this is different from Microsoft offerings how?
> And there's part of the reason why MSIE under Vista has given us a number of admin-level vulnerabilities, in spite of this security model.
If you turn off UAC, PIE gets turned off as well. So if there is an MSIE vuln and UAC is turned off - here you go, admin-level vulnerability in Vista.
Here is your linkey http://blogs.msdn.com/ie/archive/2006/02/09/528963.aspx
Quote from the linkey
In IE7's Protected Mode--which is the default in other than the Trusted security zone--the IE process runs with Low rights, even if the logged-in user is an administrator. Since add-ins to IE such as ActiveX controls and toolbars run within the IE process, those add-ins run Low as well. The idea behind Protected Mode IE is that even if an attacker somehow defeated every defense mechanism and gained control of the IE process and got it to run some arbitrary code, that code would be severely limited in what it could do. Almost all of the file system and registry would be off-limits to it for writing, reducing the ability of an exploit to modify the system or harm user files. The code wouldn't have enough privileges to install software, put files in the user's Startup folder, hijack browser settings, or other nastiness.
In Protected Mode IE writes/reads special Low versions of the cache, TEMP folder, Cookies and History:
Cache: %userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
Temp: %userprofile%\AppData\Local\Temp\Low
Cookies: %userprofile%\AppData\Roaming\Microsoft\Windows\Cookies\Low
History: %userprofile%\AppData\Local\Microsoft\Windows\History\Low
> I don't see how anyone could have fixed all that bloated crap code so fast for starters.
Define fast. IE 7 was released more than a year ago.
Also, how well do you know IE code to judge it as bloated crap?
> Microsoft was always selling them at a loss to retailers.
And you know this how?
Play Eve Online then. You will get all this and more.
> workers to fill these jobs? Microsoft knows there are enough American workers to fulfill their quota, they just don't want to pay these people what they are truly worth.
And how do you know that? Did you interview with Microsoft and were offered a position but declined because pay was too low? Or did your friends have such an experience?
Keep dreaming. They will get a green card and stay. Or move to Google Kirkland. Or to Amazon. Or create a startup...
> Keep in mind that before Google came in with a powerful search capability, Microsoft didn't have one yet. For all you know, if Google hadn't done one, Microsoft never would have done anything but the piss-poor dog-slow search they had previously. You think the next company will bother, if Microsoft is allowed to continually squash any product it decides it wants to squash?
They actually had a powerful search capability since NT4. It was not well exposed in GUI and was not running by default. It was called Indexing Service. Current Vista Search is modified Indexing Service + GUI. It was even done by the same team.
> I'm a bit on the fence about this. On one hand, part of the Wii's charm is that a parent wouldn't have to worry about junior getting his hands on extremely questionable games.
Well, 360 has pretty nice parental controls. You can set them up and kid will not be able to start anything with higher rating than, say "E" "T"
Both Blu-Ray and HD-DVD standards include VC1 codec which is actually WMV.
I still don't understand where the supposed security gain is. Since when is malware unable to click ok itself?
The UAC prompt opens in a separate logical desktop. Applications from the main desktop cannot send windows messages to it, which means malware will be unable to click ok itself.