Vista Hacked at Black Hat

     
2:03 pm on Aug 7, 2006 (gmt 0)

WebmasterWorld Administrator engine, 10+ Year Member



While Microsoft talked up Windows Vista security at Black Hat, a researcher in another room demonstrated how to hack the operating system.

Joanna Rutkowska, a Polish researcher at Singapore-based Coseinc, showed that it is possible to bypass security measures in Vista that should prevent unsigned code from running.

And in a second part of her talk, Rutkowska explained how it is possible to use virtualization technology to make malicious code undetectable, in the same way a rootkit does. She code-named this malicious software Blue Pill.

Vista Hacked at Black Hat [news.com.com]

3:21 pm on Aug 7, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



"I just hit accept," Rutkowska replied to a question from the audience about how she bypassed UAC.

A logged on user choosing to ignore warnings & install malicious code - does that count as hacking these days?

3:28 pm on Aug 7, 2006 (gmt 0)

10+ Year Member



A logged on user choosing to ignore warnings & install malicious code - does that count as hacking these days?

I personally don't think so, but if malicious code can be run by the user, maybe that's an indication that some automated code could do the same, without the user knowing...

3:59 pm on Aug 7, 2006 (gmt 0)

5+ Year Member



I would be more disappointed if a logged in user couldn't run the code. Other than as some sort of limited user I should be able to run anything on a system that I'm logged into, malicious or not.

If this means that something could potentially run without my knowledge (which I'm kind of skeptical of) then so be it... that's the price of full control.

5:13 pm on Aug 7, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I agree with aspdaddy... that's working as designed

5:35 pm on Aug 7, 2006 (gmt 0)

WebmasterWorld Senior Member eliteweb, 10+ Year Member



MmMmm Defcon :)

12:54 am on Aug 8, 2006 (gmt 0)

WebmasterWorld Senior Member vincevincevince, 10+ Year Member



Some of these 'experts' have to remind themselves what an operating system is. It's not a pretty GUI for Samantha's word processing and web-browsing, it is a fully integrated multi-tasking computation environment.

As already alluded to by Xkribble's perceptive post, there is absolutely no reason why an operating system should refuse to run any code if the user chooses to 'accept' (reject) the security warning.

Perhaps Joanna Rutkowska would prefer that the OS only allows execution of code pretested and precertified by Microsoft?


LISTO 7
10 PRINT "HELLO WORLD"
RUN
Error at line 10. Attempt to execute uncertified code.

4:39 am on Aug 8, 2006 (gmt 0)

WebmasterWorld Administrator bill, 10+ Year Member



heh heh

Another point in the article:

To stage the attack, however, Vista needs to be running in administrator mode, Rutkowska acknowledged. That means her attack would be foiled by Microsoft's User Account Control, a Vista feature that runs a PC with fewer user privileges.

Vista is making it a lot easier for the average user to operate without using an Admin level account.

8:20 am on Aug 8, 2006 (gmt 0)

10+ Year Member



Too bad they haven't announced the results of testing :)

6:03 am on Aug 9, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Ah, Vince, the old days of 'line numbers'.....

Thinking back, I never had these security issues with my Commodore 64...

6:25 am on Aug 9, 2006 (gmt 0)

5+ Year Member



.... or TRS80s, or CoCos, etc
the good old days!

12:55 pm on Aug 9, 2006 (gmt 0)

10+ Year Member



There is practically no software that you can't hack; researchers need to make a living too :)

11:40 am on Aug 10, 2006 (gmt 0)

5+ Year Member



Of course terms such as hacked/cracked are subjective in our current culture.

I would assume that with Vista, there needs to be clarification/categorisation between the "you clicked the yes button stupid and it did something bad" issues and those that require no action from the user.

Each of these is a hazard and what I'd love to see is a low risk of non-user involved problems and a healthy usable balance between hazard/risk based on operations a user can do by default.

11:41 am on Aug 10, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



A user logged in as administrator can potentially install an unsigned driver if they try really hard.

In every other operating system, unsigned drivers can be installed by administrators without any hacks. This includes previous versions of Windows such as Windows XP.

What Microsoft is trying to do is to improve stability of computers by ensuring all drivers are certified by Microsoft. Thus making it less likely that malfunctioning drivers will find their way on to end users' computers.

So it's now theoretically possible that a hardware manufacturer could save costs by incorporating these hacks in to their drivers and release them to the public without going through the certification process.

In practice, this won't happen. Microsoft could patch this particular issue at any moment and suddenly all the users of hardware with unsigned drivers would find their hardware not working at all. No hardware manufacturer is going to want a scenario like that on their hands.

There's no conceivable way that Microsoft could stop a user from creating drivers on their computer. It's just not possible. There's always a way that a user can bypass the operating system and install the drivers at a lower level and use workarounds from within Windows to allow access.

Microsoft's intention is to stop hardware manufacturers issuing unsigned drivers to the public. This workaround does not feasibly offer a way for manufacturers to issue unsigned drivers. It really is a non-issue.

10:21 am on Aug 12, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



In my experience, user error can easily defeat any number of protections and security features.
What I would like to see is a permanent virtual machine, with a System restore like roll back (i.e. incremental backup) for the entire VM. Let them do all their browsing in a VM and keep it isolated and readily replaceable.

12:25 pm on Aug 12, 2006 (gmt 0)

WebmasterWorld Senior Member vincevincevince, 10+ Year Member



Microsoft's intention is to stop hardware manufacturers issuing unsigned drivers to the public.

I personally believe this to be a bad thing and hope that it is circumventable. Microsoft should not be the body responsible for deciding what code runs easily and what code runs only as an administrator and with warnings. It needs to be someone like the ISO.

When XYZ Corp. comes out with an X Box 360 emulation card at $25.00 or something which treads on Microsoft's toes - do you really think Microsoft are going to allow that code to be certified...?

12:05 pm on Aug 15, 2006 (gmt 0)

5+ Year Member



The VM idea is a good one. Currently I browse using VMWare Player and various small Linux distros with Firefox. The VM never saves any data, it just refreshes from the image each time I start up.

Or you can just install VMware's browser appliance which achieves the same thing.

S

9:10 pm on Aug 19, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Didn't surprise me
 
