This week at the Black Hat Security Conference, two security researchers will discuss their findings, which could completely bring Windows Vista to its knees. According to Dino Dai Zovi, a popular security researcher, "the genius of this is that it's completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over."
The problem with Windows security has nothing to do with the core of the OS. It has to do with the core of MS themselves. MS has trained ISVs and their users to rely on having admin rights even when those rights are not necessary and are actually a detriment to the stability of their system. Windows has a more fine-grained permission system than the *nixes but no one uses it. MS tried to rectify the issue with the UAC thing, but because of the type of access most applications are asking for due to laziness, it fails in so many ways. It becomes annoying, and instead of helping security it actually hurts, because now the OS has trained users to ignore warnings. I think Ubuntu and OSX handle this much better.
I'm a Linux and Mac user; this is just my preference. However, I do think that Windows gets a lot of flak for MS's lack of balls when it comes to telling 3rd party developers to get their damn act together, and also for not training users properly from the get-go. Something that Apple and Linux distros have been doing for years.