Welcome to WebmasterWorld Guest from 184.108.40.206
Forum Moderators: bill
While Microsoft talked up Windows Vista security at Black Hat, a researcher in another room demonstrated how to hack the operating system.
Joanna Rutkowska, a Polish researcher at Singapore-based Coseinc, showed that it is possible to bypass security measures in Vista that should prevent unsigned code from running.
And in a second part of her talk, Rutkowska explained how it is possible to use virtualization technology to make malicious code undetectable, in the same way a rootkit does. She code-named this malicious software Blue Pill.
Vista Hacked at Black Hat [news.com.com]
A logged on user choosing to ignore warnings & install malicious code - does that count has hacking these days?
I personally don't think so, but if malicious code can be run by the user, maybe that's an indication that some automated code could do the same, without the user knowing...
If this means that something could potentially run without my knowledge (which I'm kind of skeptical of) then so be it... that's the price of full control.
As already alluded to by Xkribble's perceptive post, there is absolutely no reason why an operating system should refuse to run any code if the user chooses to 'accept' (reject) the security warning.
Perhaps Joanna Rutkowska would prefer that the OS only allows execution of code pretested and precertified by Microsoft?
10 PRINT "HELLO WORLD"
Error at line 10. Attempt to execute uncertified code.
Another point in the article:
To stage the attack, however, Vista needs to be running in administrator mode, Rutkowska acknowledged. That means her attack would be foiled by Microsoft's User Account Control, a Vista feature that runs a PC with fewer user privileges.
I would assume that with Vista, there needs to be clarification/categorisation between the "you clicked the yes button stupid and it did something bad" issues and those that require no action from the user.
Each of these are hazards and what I'd love to see is a low risk of none-user involved problems and a healthly usuable balance between hazard/risk based on operations a user can do by default.
In every other operating system, unsigned drivers can be installed by administrators without any hacks. This includes previous versions of Windows such as Windows XP.
What Microsoft is trying to do is to improve stability of computers by ensuring all drivers are certified by Microsoft. Thus making it less likely that malfunctioning drivers will find their way on to end-users computers.
So it's now theoretically possible that a hardware manufacturer could save costs by incorporating these hacks in to their drivers and release them to the public without going through the certification process.
In practice, this wont happen. Microsoft could patch this particular issue at any moment and suddenly all the users of hardware with unsigned drivers would find their hardware not working at all. No hardware manufacturer is going to want a scenario like that on their hands.
There's no conceivable way that Microsoft could stop a user from creating drivers on their computer. it's just not possible. There's always a way that a user can bypass the operating system and install the drivers at a lower level and use workarounds from within windows to allow access.
Microsofts intention is to stop hardware manufacturers issuing unsigned drivers to the public. This workaround does not feasably offer a way for manufacturers to issue unsigned drivers. It really is a non-issue.
Microsofts intention is to stop hardware manufacturers issuing unsigned drivers to the public.
When XYZ Corp. comes out with an X Box 360 emulation card at $25.00 or something which treads of Microsoft's toes - do you really think Microsoft are going to allow that code to be certified...?
Or you can just install VMware's browser appliance which achieves the same thing.