You are looking at posts that were written in the month of February in the year 2007.
Posted on February 21st, 2007 by Tim.
Categories: General/Misc.
This morning from sc: Vista security overview.
FTA: “As Billg likes to point out, Windows is the platform on which 90 per cent of the computing industry builds, and this naturally means that it’s the platform on which 90 per cent of spyware, adware, virus, worm, and Trojan developers build.”
WRONG. It’s the platform on which 90 percent of the computing industry builds, so it’s the platform on which 99.99% of the spyware, adware etc. developers build. Given two equal operating systems, one with 90% of the install base, which platform would you write spyware for? Something that people tend to forget is that in this day and age, viruses, spyware, and trojans aren’t written by bored hackers; they’re written by people with a profit motive.
Posted on February 20th, 2007 by Tim.
Categories: General/Misc.
Just hit the presses: 4 GB May Be Vista’s RAM Sweet Spot. As usual, slashcrap quotes half the story to make MS look bad. I’m running Vista with around two dozen programs running, and my physical RAM usage is at 58%, and I have 2 gigs of RAM. I never had a problem running Vista with 1 gig either. With the usage patterns of 90% of the population, 1 gig is more than enough for Vista, and at today’s prices for RAM, it would be silly to go with any less.
In addition, the slashcrappers demonstrate their ignorance with comments that show they don’t understand the difference between physical RAM and address space.
Posted on February 20th, 2007 by Tim.
Categories: Business/The Software Industry, Tim.
User Account Control, or UAC, is Microsoft’s solution to the “Always Admin” problem in XP. Most Unix guys deride Windows XP because it has the user run as root (aka Administrator) by default. Running as Administrator means that if you get infected with spyware/viruses, the whole computer is pretty much infected. The reason for running as administrator by default is historical: Windows 9x had basically no multi-user separation; everyone was an admin. As a result, programs written for Windows 9x assumed they had write privileges to every file on the system, including files in system32 and their own directory in Program Files. If Windows XP suddenly had users running under limited accounts, 99% of Windows 9x software would immediately break when run on XP. And unlike Apple, Microsoft makes backwards compatibility one of their most important priorities (for better or worse).
Fast forward about a decade to Windows Vista. Security is (and will forever be) a huge concern in operating system design. Running as administrator is no longer a viable option. However, backward compatibility is just as important as ever before. The solution, in the form of UAC, is to prompt the user every time administrator privileges are required. This allows users to continue to run as administrators, but selectively elevate their privilege level when needed in order to perform administrative tasks (such as installing programs). Every time elevation is required, the screen grays out, forcing the user to select whether they want to approve or deny.
From a user interface perspective, this really kind of stinks. Apple derides UAC in their Mac vs. PC advertisements (which is interesting, since OSX has a similar elevation mechanism I’m told). The problem is that admin privileges are simply needed too often. You need admin privileges to install applications and change system settings, and 90% of legacy applications also require admin privileges to run properly. Vista alleviates some of this to a certain extent by virtualization of the filesystem and the registry to give legacy applications the illusion of running as Administrator. However, there are plenty of programs that this doesn’t work for.
Fortunately, this is really a temporary problem. Any application written after the introduction of Vista, even if written to run on XP, will be written with the assumption that “I am not running as administrator”. This is fantastic, because new programs will be written to play nice on a limited account, and so will never need to request elevation. In other words, no more UAC prompts!
UAC is like fine wine, it only gets better with age.
Posted on February 18th, 2007 by Tim.
Categories: General/Misc.
Apparently some people don’t know what “integrity” means, and I’m not talking about moral character here. FTA:
Using a mechanism Microsoft calls MIC (Mandatory Integrity Control), Vista assigns one of five ILs (Integrity Levels) to objects: Untrusted, Low, Medium, High and System. Windows Vista uses a token-based system for executing privileges and maintaining integrity.
…
While Vista’s Biba Model “is really good from a security perspective,” Jaquith said, “Microsoft cut some corners here.” Rutkowska identified some of those cut corners in her blog post.
…
“In other words, if somebody exploits [Internet Explorer] running in Protected Mode (at Low IL), she will be able to read (i.e. steal) all user’s data,” Rutkowska wrote in her blog post. “This is not an implementation bug, this is a design decision and it’s cleverly called the ‘read-up policy.’”
How did they miss the point so completely? First off, the Biba Model is meant to be an Integrity model, not a Confidentiality model. Saying that “Microsoft cut some corners” allowing confidentiality leaks is fairly ridiculous. Secondly, Mandatory Integrity Control is NOT a Biba Model (despite being inspired by it). If it were, then subjects at higher integrity levels would not be able to read from objects at lower integrity; in other words, no read down. The Biba Model says nothing about “reading up”.
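The two rule sets compared above, as an added example (not code from this post, the quoted article, or Microsoft): a toy Python model over the five integrity levels from the quote. It ignores DACLs and privileges, the function names are made up for the illustration, and the two policy bits are assumed to mirror the SYSTEM_MANDATORY_LABEL_NO_WRITE_UP and SYSTEM_MANDATORY_LABEL_NO_READ_UP label flags.

```python
from enum import IntEnum

class IL(IntEnum):
    """The five integrity levels named in the quote, lowest to highest."""
    UNTRUSTED = 0
    LOW = 1
    MEDIUM = 2
    HIGH = 3
    SYSTEM = 4

# Policy bits on an object's mandatory label (assumed to mirror winnt.h's
# SYSTEM_MANDATORY_LABEL_NO_WRITE_UP / _NO_READ_UP). Default: NO_WRITE_UP only.
NO_WRITE_UP = 0x1
NO_READ_UP = 0x2

def biba_allows(subject, obj, access):
    """Strict Biba integrity: no read down, no write up."""
    if access == "read":
        return obj >= subject   # reading lower-integrity data is forbidden
    if access == "write":
        return obj <= subject   # writing to higher-integrity data is forbidden
    raise ValueError(access)

def mic_allows(subject, obj, access, policy=NO_WRITE_UP):
    """Simplified MIC: only access *up* is restricted, per the label's bits."""
    if access not in ("read", "write"):
        raise ValueError(access)
    if obj <= subject:
        return True             # equal or lower object: the IL check passes
    blocked = NO_READ_UP if access == "read" else NO_WRITE_UP
    return not (policy & blocked)

def compare(subject, obj, policy=NO_WRITE_UP):
    """Return {access: (biba_decision, mic_decision)} for one pair."""
    return {a: (biba_allows(subject, obj, a), mic_allows(subject, obj, a, policy))
            for a in ("read", "write")}

if __name__ == "__main__":
    # Constructed cases, labelled by the scenario they stand for.
    cases = [
        ("Low IL browser -> Medium user file", IL.LOW, IL.MEDIUM, NO_WRITE_UP),
        ("High IL process -> Low IL file", IL.HIGH, IL.LOW, NO_WRITE_UP),
        ("Low IL browser -> Medium file labelled NO_READ_UP",
         IL.LOW, IL.MEDIUM, NO_WRITE_UP | NO_READ_UP),
    ]
    for name, subj, obj, policy in cases:
        print(f"{name}: {compare(subj, obj, policy)}")
```

Under the default label the two models agree on the Low-to-Medium case (read allowed, write denied) and differ only where a higher-integrity subject reads down.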