Roy Schestowitz wrote:
> McAfee: Microsoft completely unrealistic on Vista
>
> ,----[ Quote ]
> | Windows Vista does not ship with antivirus software installed and
> | active, but for the first time Microsoft will be promoting their own
> | antivirus service in Windows OneCare. Alex Eckelberry, CEO of Sunbelt
> | Software, has already called Microsoft's plans predatory based on
> | pricing. McAfee is focusing its critique on operating system design,
> | arguing instead that Microsoft's decisions with Vista will simply make
> | the operating system less secure.
> |
> | In the advertisement, McAfee CEO George Samunek is quoted as saying,
> | "Microsoft is being completely unrealistic if, by locking security
> | companies out of the kernel, it thinks hackers won't crack Vista's
> | kernel. In fact, they already have." The advert continues: "With its
> | upcoming Vista operating system, Microsoft is embracing the flawed logic
> | that computers will be more secure if it stops co-operating with the
> | independent security firms."
> `----
>
> http://arstechnica.com/news.ars/post/20061002-7875.html
>
> To back the claim that Vista has /already/ been hacked (even at kernel
> level):
>
> Black Hat Takes Vista to Task
>
> ,----[ Quote ]
> | She demonstrated two potential attack vectors. One could allow unsigned
> | code to be loaded into the Vista kernel. The second vector involved
> | taking advantage of AMD's Pacific Hardware Virtualization to inject a
> | new form of super malware that Rutkowska claimed to be undetectable.
> `----
>
> http://www.internetnews.com/security/article.php/3624861
>
> Symantec highlights Windows Vista user vulnerabilities
>
> ,----[ Quote ]
> | Symantec has shed more light on potential vulnerabilities in Windows
> | Vista that could circumvent new security measures and leave users
> | vulnerable to attack.
> `----
>
> http://www.theregister.co.uk/2006/08/02/symantec_windows_vista_security/
>
> Symantec continues Vista bug hunt
>
> ,----[ Quote ]
> | After poking around the Windows Vista networking stack, Symantec
> | researchers have tried out privilege-escalation attacks on an early
> | version of the Windows XP successor.
> |
> | "We discovered a number of implementation flaws that continued to allow
> | a full machine compromise to occur," Matthew Conover, principal
> | security researcher at Symantec, wrote in the report titled "Attacks
> | against Windows Vista's Security Model." The report was made available
> | to Symantec customers last week and is scheduled for public release
> | sometime before Vista ships, a Symantec representative said Monday.
> `----
>
> http://news.zdnet.com/2100-1009_22-6097976.html
>
> Symantec Finds Flaws In Vista's Network Stack
>
> ,----[ Quote ]
> | Researchers with Symantec's advanced threat team poked through
> | Vista's new network stack in several recent builds of the
> | still-under-construction operating system, and found several bugs
> | -- some of which have been fixed, including a few in Monday's
> | release -- as well as broader evidence that the rewrite of the
> | networking code could easily lead to problems.
> |
> | [...]
> |
> | Among Newsham's and Hoagland's conclusions: "The amount of new
> | code present in Windows Vista provides many opportunities for
> | new defects."
> |
> | "It's true that some of the things we found were 'low-hanging
> | fruit,' and that some are getting fixed in later builds,"
> | said Friedrichs. "But that begs the question of what else
> | is in there?"
> `----
>
> http://www.techweb.com/wire/security/190700049;jsessionid=MWLALDT21M1...
>
> Symantec Says Windows Vista Will be Less Secure than XP
>
> ,----[ Snippet ]
> | Symantec said earlier last week that there were no viruses for Apple's
> | OS X.
> `----
>
> http://www.dailytech.com/article.aspx?newsid=3389
>
> Symantec sees an Achilles' heel in Vista
>
> ,----[ Quote ]
> | Some of Microsoft's efforts to make Windows Vista its most stable and
> | secure operating system ever could cause instability and new security
> | flaws, according to a Symantec report.
> |
> | [...]
> |
> | "Microsoft has removed a large body of tried and tested code and
> | replaced it with freshly written code, complete with new corner cases
> | and defects," the researchers wrote in the report, scheduled for
> | publication Tuesday.
> `----
>
> http://news.zdnet.com/2100-1009_22-6095119.html

This is a bit of a tricky one, because anti-virus and security would
undoubtedly be better integrated into the kernel. It would certainly be
faster.

Norton wanted to be more deeply ingrained into the MS OS system several
versions ago. There was even an agreement of some kind at one time with
Symantec; I don't know what came of that. Norton also wanted to properly
secure an area of the system so that the anti-virus code itself could be
invisible to the virus (as in a Linux system). But neither was given by MS.

Whether MS are capable of putting in the necessary security plus their
current record with viruses and holes we have to all be doubtful of; could
they really come up with a viable solution when they have ignored the
problem for so long? Then when you consider all the years Vista has been in
development and it seems the idea of adding security only came about
through pressure from outside of MS in the last half year or so. I think it
was just pre-xmas when developers who had ever been on MS mailing lists or
job books were getting messages asking for help with security. We were
invited to a forum, similar to a forum many years ago when Win98 and NT
were in development.

I attended that previous one and MS went against the vast majority who took
part in the very detailed discussions; we could have had a great deal less
virus/hacking on the release of Win98 had MS gone with the majority. I
wasn't going to enter into this current one because MS only have themselves
to blame for the current mess (besides, I hardly ever do development these
days). Even past the XP work, Vista had enough development time to be made
fully clean and safe, but they obviously didn't bother.

I would have thought that with the current situation they would have been
much better off selecting one of the security/anti-v vendors and letting
them build right inside the MS code. OK, that would have meant that the
other security vendors would be out of the picture, but the main thing we
need as soon as possible is that MS gets secure. As I have said in here
before, we all need MS to get secure whether we use their computers or not.
Until they do we are all going to struggle to move on in the computing
world.