Linked by Amjith Ramanujam on Fri 8th Aug 2008 13:14 UTC
This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its knees. According to Dino Dai Zovi, a popular security researcher, "the genius of this is that it's completely reusable. They have attacks that let them load chosen content to a chosen location with chosen permissions. That's completely game over."
Thread beginning with comment 326230
RE: Bottom Line
by CrazyDude1 on Fri 8th Aug 2008 15:45 UTC in reply to "Bottom Line"
CrazyDude1 Member since:
2007-09-17

Your post is very inaccurate. Windows (NT-based versions) are inherently multi-user. Each user has their own home directory in Windows as well. And security is also very tight because the user can only write to their home directory.

The problem is that most people are in the habit of running Windows as Administrator. This was the decision made by Microsoft to make Administrator the default user for people migrating from Windows 9x.

These problems are due to business decisions, as Microsoft doesn't want to alienate users by forcing them to run as a limited user, which would mean educating users on the difference between a normal user account and administrator etc etc.

It is a tough problem to solve. You either bite the bullet and let users complain or you do something like UAC and still users complain or you do nothing and then users complain about security (or lack of it).

Reply Parent Score: 7

RE[2]: Bottom Line
by JoeBuck on Fri 8th Aug 2008 17:56 in reply to "RE: Bottom Line"
JoeBuck Member since:
2006-01-11

Users aren't just running as administrator out of habit; many programs just won't run correctly otherwise.

We usually run Linux on occasion, but once in a rare while I'll boot up Windows to do something or other. For example, my daughter was given a game for her birthday, so I booted up Windows to try it out. Turns out that I had to make my six-year-old girl an administrator if she wanted to play the game!

So while the architects did a good job on the core system, common practices force users to turn off the security.

Reply Parent Score: 2

RE[3]: Bottom Line
by JamesTRexx on Fri 8th Aug 2008 18:07 in reply to "RE[2]: Bottom Line"
JamesTRexx Member since:
2005-11-06

A nice workaround to giving someone admin rights just to run a game is using Sandboxie (http://sandboxie.com) to sandbox the game.
I recently used this to run Return to Castle Wolfenstein with a regular user account as it wanted to change some files for which admin rights were needed.
Get a registered version and you can sandbox each program separately and an added bonus might be that each player has their own savegames.

Reply Parent Score: 3

RE[3]: Bottom Line
by apoclypse on Fri 8th Aug 2008 19:28 in reply to "RE[2]: Bottom Line"
apoclypse Member since:
2007-02-17

Users aren't just running as administrator out of habit; many programs just won't run correctly otherwise.

We usually run Linux on occasion, but once in a rare while I'll boot up Windows to do something or other. For example, my daughter was given a game for her birthday, so I booted up Windows to try it out. Turns out that I had to make my six-year-old girl an administrator if she wanted to play the game!

So while the architects did a good job on the core system, common practices force users to turn off the security.



Well, installing anything, even a game, should require an admin account. There are dll files that get installed sometimes and sometimes changes to the registry. The same applies to most Linux and OSX apps. The issue I see with Windows is when I install an app and log in as a non-admin user and get all these errors when I log in about not having permission to run my apps because they need admin rights. There shouldn't be any apps requiring admin rights unless they are making system wide changes.

Reply Parent Score: 4

RE[2]: Bottom Line
by JamesTRexx on Fri 8th Aug 2008 17:58 in reply to "RE: Bottom Line"
JamesTRexx Member since:
2005-11-06

And security is also very tight because the user can only write to their home directory.


Unfortunately not quite true...
Windows has permissions on several directories including the root of the disk that allow anyone to create files and folders, these are done with the so-called owner account.
I have to remove these permissions on terminal servers because they still allow users to install programs that don't use the Windows installers.
Only after this is done can users forget about writing anywhere but their own profile directory.

Reply Parent Score: 4

RE[3]: Bottom Line
by smashIt on Fri 8th Aug 2008 19:20 in reply to "RE[2]: Bottom Line"
smashIt Member since:
2005-07-06

Windows has permissions on several directories including the root of the disk that allow anyone to create files and folders, these are done with the so-called owner account.

please check it again
on my pc (no permissions changed) root is only writeable by the administrator and the system itself. normal users can only read from it, and guests can't even see its content.

Reply Parent Score: 1
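
Added example, not part of either comment above: whether ordinary users can create files or folders in the drive root can be checked per machine by reading the directory ACLs. This PowerShell script (the default path list and the output field names are assumptions) reports Allow entries for Everyone, Authenticated Users, Users and CREATOR OWNER that grant create rights, and marks inherit-only entries, which apply to child objects rather than to the folder itself.

```powershell
# Added example: list Allow ACEs that let non-administrative principals
# create files or folders in the given directories.
param(
    # Default paths are assumptions; pass the directories you want to audit.
    [string[]]$Path = @("$env:SystemDrive\", $env:ProgramFiles, $env:windir)
)

# Well-known SIDs instead of account names, so the check works on localized systems.
$principals = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-3-0'      = 'CREATOR OWNER'
}

$fsr         = [System.Security.AccessControl.FileSystemRights]
$createMask  = [int]($fsr::CreateFiles -bor $fsr::AppendData)  # create files / create folders
$genericMask = 0x40000000 -bor 0x10000000                      # raw GENERIC_WRITE / GENERIC_ALL bits
$inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly

foreach ($p in $Path) {
    $acl   = Get-Acl -LiteralPath $p
    # Ask for SIDs rather than NTAccount names: explicit and inherited rules.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    foreach ($r in $rules) {
        $sid = $r.IdentityReference.Value
        if ($r.AccessControlType -ne 'Allow') { continue }
        if (-not $principals.ContainsKey($sid)) { continue }

        $bits = [int]$r.FileSystemRights
        if (($bits -band $createMask) -or ($bits -band $genericMask)) {
            [pscustomobject]@{
                Path          = $p
                Principal     = $principals[$sid]
                Rights        = $r.FileSystemRights
                Inherited     = $r.IsInherited
                # False means the ACE is inherit-only: it affects children,
                # not the ability to create objects directly in this folder.
                AppliesToSelf = (([int]$r.PropagationFlags -band $inheritOnly) -eq 0)
                InheritsTo    = $r.InheritanceFlags
            }
        }
    }
}
```

Rows with `AppliesToSelf` set to True are the ones that decide whether a standard user can write directly into the audited folder; run it from an account that can read the ACLs of the paths given.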

RE[2]: Bottom Line
by Phloptical on Fri 8th Aug 2008 22:41 in reply to "RE: Bottom Line"
Phloptical Member since:
2006-10-10

Exactly how is Windows (or NT) considered multi-user when all it takes is Power User permissions (maybe less) to be able to access anyone else's home folder on the PC?

Reply Parent Score: 3

RE[3]: Bottom Line
by Thom_Holwerda on Fri 8th Aug 2008 22:49 in reply to "RE[2]: Bottom Line"
Thom_Holwerda Member since:
2005-06-29

Exactly how is Windows (or NT) considered multi-user when all it takes is Power User permissions (maybe less) to be able to access anyone else's home folder on the PC?


Because that's how the permissions and ACLs in Windows are set up by default.

Look, just because German car manufacturers have a gentlemen's agreement to limit their cars at 250kph doesn't mean German cars can't go faster than 250kph.

The comments to this story make it abundantly clear - once again - just how much Microsoft has completely squandered the NT design, completely ignoring all the potential it had. My god Dave Cutler must be SO pissed off about all this.

Reply Parent Score: 3

RE[3]: Bottom Line
by Windows Sucks on Fri 8th Aug 2008 23:21 in reply to "RE[2]: Bottom Line"
Windows Sucks Member since:
2005-11-10

Exactly how is Windows (or NT) considered multi-user when all it takes is Power User permissions (maybe less) to be able to access anyone else's home folder on the PC?


ACLs in Windows are powerful but complicated and also not used often or properly.

Linux permissions are pretty straightforward and easy to use. Maybe not as encompassing as in Windows but pretty easy to figure out and use.

Reply Parent Score: 3