Home > Privacy, Security > Windows API ‘Flaw’ Sparks Security DebateWindows API ‘Flaw’ Sparks Security Debate Eugenia Loli 2002-08-08 Privacy, Security 11 CommentsA security expert makes the case that Windows’ architecture encourages insecure applications and is vulnerable to the ‘Shatter Attack’ but Microsoft disagrees. Read about it at ZDNews.About The Author Eugenia LoliEx-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.Follow me on Twitter @EugeniaLoli 11 Comments 2002-08-08 8:22 pm A security expert makes the case that Windows’ architecture encourages insecure applications and is vulnerable to the ‘Shatter Attack’ but Microsoft disagreesexpert? gotta love that. anyone remember the password cracker? the really old app that you could magically cursor over a password text box and it would have its ****** turned into text? wow. same concept. manipulating the win32 api… sheesh. and the silly tricks to make apps ‘pop in front’. heh.i cant beleive how much fuss is being made over this, its on every news portal. anyone who has programmed windows ran into this stuff eons ago. 2002-08-08 11:04 pm First, this seems like the same story that was posted a few days ago, just a news site as opposed to the whitepaper. Anyway, not saying that’s a bad thing, just seemed a little odd..i cant beleive how much fuss is being made over this, its on every news portal. anyone who has programmed windows ran into this stuff eons ago.Umm, this is a serious issue. You can arbitrarily resize any text input buffer in any running application and then overflow it. Furthermore, you can crash any running application by making it jump to a garbage pointer. I’d say both of those are definately cause for concern. 2002-08-08 11:34 pm If anything, Windows is already a “trusted computing” platform.It trusts PEOPLE.It provides a powerful API.Yes, you can muck with the OS, with your own application, with other applications, etc.You have freedom to use all these wonderful APIs to create something beautiful.And if you are sick human being, you can use all these APIs to harm other people.And guess what?You can do this with any operating system that is not a Palladium-style “assume all code is criminal” OS.You can do the same with UNIX, with MacOS, with Amiga, with whatever you want.This is “news”?More like this is “propaganda”.Does your OS have to consider all the things a sick person might do and guard against them?Maybe we should all live in prison cells then, too?What’s the real goal of this propaganda? Nothing less than to educate the stupid masses that their next machine needs to be Big-Brother compatible otherwise some malicious application will destroy all their data, transfer all the money they have left after taxes to Bangladesh, and electrocute them.Fear is the mindkiller.#m 2002-08-09 2:09 am S390 systems don’t even trust hardware. Do you want your bank trusting every piece of software written by every programmer who ever worked there. This wouldn’t be a problem if Microsoft just stated the obvious truth that NT is not designed for mission critical or security critical applications. 2002-08-09 7:19 am Umm, this is a serious issue. You can arbitrarily resize any text input buffer in any running application and then overflow it. Furthermore, you can crash any running application by making it jump to a garbage pointer. I’d say both of those are definately cause for concernthe point is, this info is so OLD! it must have been something only win32 programmers knew, because I and other developers knew of this ages back. 2002-08-09 2:18 pm You can do the same with UNIX, with MacOS, with Amiga, with whatever you wantNo, you cannot.Not all API are equal.YOu can create viruses in MS Word but not in WordPerfect –because Word Perfect doesn’t embed macros in the text.You can have e-mail viruses because Outlook defaults settings (use MS Word as default editor, open item in preview pane etc. ) and because Outlook is using VBS crap inside. E-mail viruses has no effect on elm.You think you can harm other people if you’re using Unix ?No chance – if your system was properly secured by sysadmin and you don’t have sysadmin rights to the box.This particular security flaw on Windows is about getting superuser id on the system.On the other hand it’s not really a news and it can be easily fixed – there are security packages on the market that can lock down your system up to window handle and further. 2002-08-09 4:58 pm This needs some perspective. If this is a serious security flaw, why hasn’t somebody exploited it before this? Most worms and such use flaws in specific programs (i.e. Internet Explorer, MS-Outlook), not in Windows API. 2002-08-10 10:07 am If anything, Windows is already a “trusted computing” platform.It trusts PEOPLE.It should not do so. Any OS should assume that any user is a bad guy. No ordinary user should be able to do damage to the OS or other applications running on the OS.You have freedom to use all these wonderful APIs to create something beautiful.And if you are sick human being, you can use all these APIs to harm other people.In case you didn’t know, there are a lot of sick people out there.You can do the same with UNIX, with MacOS, with Amiga, with whatever you want. Well, you can do it, but it takes a hell of a lot more effort on UNIX or MacOS X.Does your OS have to consider all the things a sick person might do and guard against them? Yes it should! 2002-08-10 10:42 pm … is that1) any Win32 app can send a message to any other window on the desktop, regardless of its privilege, and2) some Win32 messages can be used to tell applications to execute arbitrary code.Those two things together constitute a design flaw. 2002-08-10 11:37 pm A properly written Windows application should look at what is coming into the message queue and process each item intelligently.This is where I’d focus on fixing the situation.Adding arbitrary layers of security makes creating fun and useful applications more difficult.No technology can make up for sick people. The symptom is malicious hacking. What is the real issue? It is damn sure not to be a Windows programming issue that is driving people to harm others.#m 2002-08-12 3:23 pm If you were to have an exploit that would run arbitrary code from my email reader (of which there are dozens for Microsoft products), you couldn’t do jack to my box. You could mess up my files, but I’m not root, and could quit easily recover without affecting other users. It comes down to Windows is and always has been a single user computing platform. Everything they’ve done to support multiple users is a half baked hack. Try getting real power users or developers to run as a “Power User” instead of an Administrator. They can’t do their jobs. Unlike Linux/Unix where you can give someone control to do what they need to do without killing their ability to work. It’s amazing to me that when people are confronted with this choice they simply allow users to be Administrators and move on. Windows users are extremely lucky that Melissa or any one of the plethora of virus/worms for Windows hasn’t decided to trash the entire disk. It’s only because the people who wrote them chose not to that this didn’t happen. It will happen, I’m betting sooner than many people think. There are few real harmful things in the wild, but there is no reason there won’t be more.