|"I just hit accept," Rutkowska replied to a question from the audience about how she bypassed UAC. |
A logged on user choosing to ignore warnings & install malicious code - does that count as hacking these days?
|A logged on user choosing to ignore warnings & install malicious code - does that count as hacking these days? |
I personally don't think so, but if malicious code can be run by the user, maybe that's an indication that some automated code could do the same, without the user knowing...
I would be more disappointed if a logged in user couldn't run the code. Other than as some sort of limited user I should be able to run anything on a system that I'm logged into, malicious or not.
If this means that something could potentially run without my knowledge (which I'm kind of skeptical of) then so be it... that's the price of full control.
I agree with aspdaddy... that's working as designed
MmMmm Defcon :)
Some of these 'experts' have to remind themselves what an operating system is. It's not a pretty GUI for Samantha's word processing and web-browsing, it is a fully integrated multi-tasking computation environment.
As already alluded to by Xkribble's perceptive post, there is absolutely no reason why an operating system should refuse to run any code if the user chooses to 'accept' (reject) the security warning.
Perhaps Joanna Rutkowska would prefer that the OS only allows execution of code pretested and precertified by Microsoft?
10 PRINT "HELLO WORLD"
Error at line 10. Attempt to execute uncertified code.
Another point in the article:
|To stage the attack, however, Vista needs to be running in administrator mode, Rutkowska acknowledged. That means her attack would be foiled by Microsoft's User Account Control, a Vista feature that runs a PC with fewer user privileges. |
Vista is making it a lot easier for the average user to operate without using an Admin level account.
Too bad they haven't announced the results of testing :)
Ah, Vince, the old days of 'line numbers'.....
Thinking back, I never had these security issues with my Commodore 64...
.... or TRS80s, or CoCos, etc
the good old days!
There is practically no software that you can't hack, researchers need to make a living too :)
Of course terms such as hacked/cracked are subjective in our current culture.
I would assume that with Vista, there needs to be clarification/categorisation between the "you clicked the yes button stupid and it did something bad" issues and those that require no action from the user.
Each of these is a hazard, and what I'd love to see is a low risk of non-user-involved problems and a healthy, usable balance between hazard/risk based on operations a user can do by default.
A user logged in as administrator can potentially install an unsigned driver if they try really hard.
In every other operating system, unsigned drivers can be installed by administrators without any hacks. This includes previous versions of Windows such as Windows XP.
What Microsoft is trying to do is to improve stability of computers by ensuring all drivers are certified by Microsoft. Thus making it less likely that malfunctioning drivers will find their way onto end users' computers.
So it's now theoretically possible that a hardware manufacturer could save costs by incorporating these hacks into their drivers and release them to the public without going through the certification process.
In practice, this won't happen. Microsoft could patch this particular issue at any moment and suddenly all the users of hardware with unsigned drivers would find their hardware not working at all. No hardware manufacturer is going to want a scenario like that on their hands.
There's no conceivable way that Microsoft could stop a user from creating drivers on their computer. It's just not possible. There's always a way that a user can bypass the operating system and install the drivers at a lower level and use workarounds from within Windows to allow access.
Microsoft's intention is to stop hardware manufacturers issuing unsigned drivers to the public. This workaround does not feasibly offer a way for manufacturers to issue unsigned drivers. It really is a non-issue.
In my experience, user error can easily defeat any number of protections and security features.
What I would like to see is a permanent virtual machine, with a System restore like roll back (i.e. incremental backup) for the entire VM. Let them do all their browsing in a VM and keep it isolated and readily replaceable.
|Microsoft's intention is to stop hardware manufacturers issuing unsigned drivers to the public. |
I personally believe this to be a bad thing and hope that it is circumventable. Microsoft should not be the body responsible for deciding what code runs easily and what code runs only as an administrator and with warnings. It needs to be someone like the ISO.
When XYZ Corp. comes out with an X Box 360 emulation card at $25.00 or something which treads on Microsoft's toes - do you really think Microsoft are going to allow that code to be certified...?
The VM idea is a good one. Currently I browse using VMWare Player and various small Linux distros with Firefox. The VM never saves any data, it just refreshes from the image each time I start up.
Or you can just install VMware's browser appliance which achieves the same thing.
Didn't surprise me