Linked by Amjith Ramanujam on Fri 8th Aug 2008 13:14 UTC
Windows This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its knees. According to Dino Dai Zovi, a popular security researcher, "the genius of this is that it's completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over."
Thread beginning with comment 326225
RE[2]: Bottom Line
by fretinator on Fri 8th Aug 2008 14:57 UTC in reply to "RE: Bottom Line"
fretinator Member since:
2005-07-06

Windows has a more fine grained permission system than the *nixes but no one uses them.


For those who believe Windows to be a multi-user system at the core, log into your Windows box twice as the same user - i.e., run two simultaneous sessions as the same user. Are you there yet? Even different users being logged in at the same time is done with "fast-user switching". The multi-user OS is an illusion. It is a hobby OS meant to keep track of your CD's and home checkbook. The current web-connected computer was not envisioned when it was created. Meanwhile, Unix was serving 1000's of simultaneous user sessions on a single box. Security was paramount from early on. I agree that Microsoft has done a pretty good job of bolting on fine-grained permissions, etc. with the NT kernel. But no matter how you spin it, processes in the Windows world "long to be free" and by nature tend to take over the computer. Only a massive harness-and-strap framework like we see in the Vista OS can try to prevent these processes from running wild. But just like "life" in the first Jurassic Park movie, they always find a way.

Now let's quit arguing, grab a nice BSD kernel, toss a few bucks at the kernel devs, close it all up for profit, and get to crackin' on that shiny new Winders!

Reply Parent Bookmark Score: 13

RE[3]: Bottom Line
by Wrawrat on Fri 8th Aug 2008 16:28 in reply to "RE[2]: Bottom Line"
Wrawrat Member since:
2005-06-30

For those who believe Windows to be a multi-user system at the core, log into your Windows box twice as the same user - i.e., run two simultaneous sessions as the same user. Are you there yet? Even different users being logged in at the same time is done with "fast-user switching".


It's an intentional limitation in the customer versions of Windows. Windows Server can easily host multiple sessions with Terminal Services.

The multi-user architecture is definitely there. It's quite misused though.

The current web-connected computer was not envisioned when it was created. Meanwhile, Unix was serving 1000's of simultaneous user sessions on a single box.


I am looking for the day when that single box hosts so many connections with fully-featured GUIs. Joe Sixpack doesn't want to work with consoles.

Reply Parent Bookmark Score: 5

RE[4]: Bottom Line
by eantoranz on Fri 8th Aug 2008 20:51 in reply to "RE[3]: Bottom Line"
eantoranz Member since:
2005-12-18

I am looking for the day when that single box hosts so many connections with fully-featured GUIs. Joe Sixpack doesn't want to work with consoles.


Sorry to disappoint you, man... but this is pretty old news: http://linuxgazette.net/124/smith.html

Reply Parent Bookmark Score: 6

RE[4]: Bottom Line
by Windows Sucks on Fri 8th Aug 2008 20:56 in reply to "RE[3]: Bottom Line"
Windows Sucks Member since:
2005-11-10


I am looking for the day when that single box hosts so many connections with fully-featured GUIs. Joe Sixpack doesn't want to work with consoles.


Actually, if you remote access a Unix or Linux server you can then use X (you can use x11vnc).

So yes, if your Linux server or Unix server can handle it you could run 1000 copies of Gnome or KDE as users. It's how the Linux terminal server project works.

Oh and you don't have to pay for a ton of licenses to do that (Unlike you do in Windows)

Reply Parent Bookmark Score: 4

RE[4]: Bottom Line
by lemur2 on Sat 9th Aug 2008 06:38 in reply to "RE[3]: Bottom Line"
lemur2 Member since:
2007-02-17

It's an intentional limitation in the customer versions of Windows. Windows Server can easily host multiple sessions with Terminal Services.

The multi-user architecture is definitely there. It's quite misused though.


Another designed-in limitation of Windows ... you can't have more than one user simultaneously logged-in, even though the OS is designed to support it, because ... Microsoft wants to charge you a bootload more money for the same code if you want multiple users logged in?

Typical.

What a rip-off.

Most OSes have been true multi-user for forty years or more.

http://en.wikipedia.org/wiki/Multics

Reply Parent Bookmark Score: 2

RE[4]: Bottom Line (OT)
by gilboa on Sat 9th Aug 2008 12:54 in reply to "RE[3]: Bottom Line"
gilboa Member since:
2005-07-06

I am looking for the day when that single box hosts so many connections with fully-featured GUIs. Joe Sixpack doesn't want to work with consoles.


Uh?

I've got ~10 active VNC sessions and ~10-20 active X connections on a single 2x2 Opteron machine.
The VNC desktops are running KDE and GNOME. (Depending on user preference).
Oh... and the sessions are being used for software development - read: people write code, compile and debug on this machine simultaneously.

We tried the same on the same machine with 2K3 terminal and the results were abysmal.

- Gilboa

Edited 2008-08-09 12:55 UTC

Reply Parent Bookmark Score: 3

RE[3]: Bottom Line
by Bit_Rapist on Fri 8th Aug 2008 16:34 in reply to "RE[2]: Bottom Line"
Bit_Rapist Member since:
2005-11-13

For those who believe Windows to be a multi-user system at the core, log into your Windows box twice as the same user - i.e., run two simultaneous sessions as the same user. Are you there yet?

No problem. Log into the workstation and hit the Run command off the start menu, use RunAs to launch any program you want with the same account. Done.

Even different users being logged in at the same time is done with "fast-user switching".

Fast-user switching is only used for multiple logins at the local console. You can connect multiple users remotely, including the loading of their entire user profile and desktop, without fast-user switching. On XP you'll need to hack a DLL, as MS imposed an artificial limitation to protect Terminal Services licenses, but the OS is otherwise fully capable of it.

The multi-user OS is an illusion.

Really? Sure seems to work with thousands of users at the company I work for.

It is a hobby OS meant to keep track of your CD's and home checkbook. The current web-connected computer was not envisioned when it was created.

The current web-connected computer was not envisioned when any of our operating systems in use today were created. NONE of them. They have all had to undergo changes in order to handle today's connected world.

I agree that Microsoft has done a pretty good job of bolting on fine-grained permissions, etc. with the NT kernel.

They've been there since the first release of NT, included as part of the original design. It was the home user market moving to NT largely with XP and Microsoft touting the mindset that the user is the administrator that has created a large part of the mess we experience on Windows.

Reply Parent Bookmark Score: 5

RE[3]: Bottom Line
by kaiwai on Sat 9th Aug 2008 03:50 in reply to "RE[2]: Bottom Line"
kaiwai Member since:
2005-07-06

Windows has a more fine grained permission system than the *nixes but no one uses them.

For those who believe Windows to be a multi-user system at the core, log into your Windows box twice as the same user - i.e., run two simultaneous sessions as the same user. Are you there yet? Even different users being logged in at the same time is done with "fast-user switching". The multi-user OS is an illusion. It is a hobby OS meant to keep track of your CD's and home checkbook. The current web-connected computer was not envisioned when it was created. Meanwhile, Unix was serving 1000's of simultaneous user sessions on a single box. Security was paramount from early on. I agree that Microsoft has done a pretty good job of bolting on fine-grained permissions, etc. with the NT kernel. But no matter how you spin it, processes in the Windows world "long to be free" and by nature tend to take over the computer. Only a massive harness-and-strap framework like we see in the Vista OS can try to prevent these processes from running wild. But just like "life" in the first Jurassic Park movie, they always find a way.

Now let's quit arguing, grab a nice BSD kernel, toss a few bucks at the kernel devs, close it all up for profit, and get to crackin' on that shiny new Winders!


Just to address the fine-grained security you mentioned; there is also the obvious issue of complexity. It's all very nice having things incredibly fine-grained, but through this complexity there is the obvious possibility of accidental misconfiguration. There is a line where one can be too flexible to the point that it can be detrimental to the health of the system ;)

Regarding the BSD; I'd love to see a BSD Core + Amiga GUI, then I would be a happy camper. I'd move to it immediately. Too bad it's a pipe dream given the lack of backbone Microsoft has when making decisions. Rather than being decisive like Steve Jobs, they remind me of my grandma as to whether she should buy loose leaf tea now or wait next week to see whether it is on special the following week.

Someone needs to have the backbone to stand up, make a grand vision for the whole company, and push it towards that goal - and those who stand in the way because of internal politics are given some cash, a pat on the bum, shown the door and told "best of luck in an economic downturn".

Edited 2008-08-09 04:05 UTC

Reply Parent Bookmark Score: 3