Users will have to balance their IT security requirements with potential Java and .net performance problems if they are to take advantage of the features being introduced in Windows XP Service Pack 2.
SP2 Presents Windows XP Security Dilemma
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
Instead of relying on hardware solutions to fix inherant security flaws that are going to cripple existing software applications, why not just build a better OS that doesn’t have these problems in the first place.
Talk about using a bandaid to cover up the real problem.
There is a solution. Education and awareness are it. When we stop lying to users that security is automatically bestowed on them based on the operating system they use, then maybe users will begin to take the initiative to learn proactive ways of securing their system.
No, repeat no, operating system is secure by default. User need to take deliberate measures to continuously secure and monitor the vulnerability of their systems. Also the tools that encourage security need to be open, available and free. Every time someone brings up the issue of security, these people continuously fail to include users as part of the model.
Just as we take efforts to make our vehicles safe by purchasing alarms, demobilizes, tracking devices etc, we need to take the same efforts to learn about security and how to protect your data, identity and privacy from the evils of the Internet or prying eyes. We need to tell users that the Internet is a nasty place where serious crimes take place and where hidden agencies monitor your every move. They need to protect themselves from those unworthy elements.
Isnt that funny, microsoft is killing of the .Net platform and somehow this effects Java. Remember how MS and Sun got into a law suit about MS abusing their agreement with sun. So MS stopped putting Java into their OS. Well isnt this some how really convient. They end the .Net platform and prevent Java from running all in the name of security. Interesting, dont you think?.
I thought SP2 had some type of overflow protection for 32bit processors also? This sounds like its only working for 64.
as for the guy who says that using the hardware is a patch. I’m pretty sure i386 is the only (main) arch that doesn’t support non-exec pages. They are behind in this and it should be there.
also nobody is trying to kill java, there are ALOT of apps out there that rely on read only memory to be executable since as i understand it they’re interchangable, maybe this is java’s problem, maybe not but there will be ALOT of apps that are poorly coded and will do this I’m guessing.
I could be wrong about some of the details.
This article is saying that these programming models are unsecure because of Windows? Than companies should use Java with Linux and use any processor they want. The Mono software layer will integrate with IBM solutions and Novell solutions technology and I’m sure that something will be worked out with Sun, apparently Java and Mono are friends.
I think that your C applications would be more secure. The GUI code should be untrusted and security handled in back end modules:
From the GTK+ FAQ:
How do I write security sensitive/SUID/SGID programs with GTK+? Is GTK+ secure? What’s this GTK_MODULES security hole I heard about? [GTK 2.x]
The short answer to this question is: you can’t, so don’t write SUID/SGID programs with GTK+
GTK+ will refuse to run with elevated privileges, as it is not designed to be used in this manner. The only correct way to write a setuid program with a graphical user interface is to have a setuid backend that communicates with the non-setuid graphical user interface via a mechanism such as a pipe and that considers the input it receives to be untrusted.
…is that Windows (XP this days) is a ultra-commercial operating systems. It’s at the core of an entire software industry. But I’m talking here abut Antiviruses and Firewalls. What would be antivirus companis without viruses? What would be companies that make security software like ZoneAlarm Pro without security threats? Nothing! How many companies like this make software for Linux Distributions? Almost none. Why? Because all this stupid secirity gaps are already closed. Yes, no OS is secure, and people talk about security prolems with Linux too, but any Linux Distribution out of the box is far more secure on the desktop than Windows is. And pop-ups? Why do people have to wait until 2007 to get a browser from Microsoft that will block pop-ups? There are OSS browsers that already do this. Why do have people to get spam, even do they use the email adress provided by their ISP, and then extra offers from the ISP to get a better service that will protect the user from pop-ups and spam? This is a commercial world, and especially in the Windows world, because it is mainstream, the “stupidity” of the Joe type user is abused to the max.
Lets take a construction worker that got hes PC from WalMart. He soon finds out that he needs an AntiVirus, or that the AntiVirus that came with he’s machine expired because it was a trial. Also that same AntiVirus requires him a credit card number to pay!!! to get it working. How does he feel?! And after all that! he is presented with a ton of confusing configuration options.
This is the world of Windows, and I’m glad I’ve switched to Linux for good.
*Proud to be a Linux user since ’96
On a sidenote, I know that there is a lack of applications in Linux that are Windows only, but there is Crossover and WineX. And if thos don’t do the trick, then its worth to dual boot for those 2-3 applications that are a must.
Cheers
Some application behaviors are expected to be incompatible with execution protection. For example, applications that perform dynamic code generation (such as Just-In-Time code generation) that do not explicitly mark generated code with execute permission may have compatibility issues with execution protection. Note that managed code applications and components built on the Microsoft .NET Framework’s common language runtime (CLR) will continue to work—the CLR is compatible with execution protection in SP2.
Application and driver developers should be aware of execution protection and the requirements of software running on a supporting platform. Applications that perform just-in-time (JIT) code generation or execute memory from the default process stack or heap should pay careful attention to execution protection requirements. The .NET Framework, for example, works with the NX bit set.
Windows XP Service Pack 2: A Developer’s View
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dn…
I thought SP2 had some type of overflow protection for 32bit processors also? This sounds like its only working for 64.
Yes, for the time being the only CPU that includes the NX feature is Opteron/AMD64, however, Microsoft is trying to get Intel to adopt NX.
The really sad part is the fact that the average user doesn’t realise just how shit the x86 architecture really is. x86-64 has fixed alot of the short comings, however, if you even look at some of the old CPUs like m88k, and most RISC based ones, security features like NX are standard fare.
The problem is that the market place settles for “good enough” technology and even when cheaper and better technology comes along, ala AMD, we still have the average pleeb being sucked into the Intel abyss of ingnorance, who is more concerned with the “Intel inside” logo than actually getting value for money.
Microsoft is also recompiling all their code with thier latest software so that they can weed out most code that contains buffer overflows.
Correct me if I’m wrong, but doesn’t linux already support a feature like this called “exec-shield”. I’m pretty sure my Fedora distro already has this in place, yet it doesn’t slow the system down (infact it works with prelink and actually speeds it up) and it works on all processors, not just AMD 64 bit processors.
Interesting. I did not know about this. From Fedora Core 1 release notes…
“The Fedora Core 1 kernel includes new Exec-shield functionality. Exec-shield is a security-enhancing modification to the Linux kernel that makes large parts of specially-marked programs — including their stack — not executable. This can reduce the potential damage of some security holes. Exec-shield is related to the older “non-exec stack patch” but has the potential to provide greater protection.
Exec-shield can also randomize the virtual memory addresses at which certain binaries are loaded. This randomized VM mapping makes it more difficult for a malicious application to improperly access code or data based on knowledge of the code or data’s virtual address.”
I would imagine Microsoft are doing something similar. I don’t know if they do the randomizing of vm adresses, but I can see it would be a great benefit in stopping Windows buffer overflow cracks.
Exec shield is a segment-based hack, which has significant issues, and is far from a real solution.
Also, any <em>correctly written</em> Win32 programs should still work just fine with NX enabled, provided they set the appropriate page protection levels. Win32 provides a full set of page protection primitives, regardless of the capabilities of the underlying processor. It’s only lazy programmers who exploited ia32’s conflation of read/execute access who will have any problems with NX.