A senior Microsoft executive has promised that its new operating system will be more secure than ever. Jean-Philippe Courtois, president of Microsoft International, said that beefing-up security was one reason behind delays to Windows Vista. Microsoft has been criticised for flaws in previous systems that left users vulnerable to attacks by hackers. Mr Courtois said Microsoft had done “tons of work to make Vista a fantastic experience when it comes to security”.
How secure can it be? The default user account is STILL administrator. When are they going to design around a multi user paradigm? We all know you don’t run as root on a unix box, I would have thought someone would have told MS by now.
“How secure can it be? The default user account is STILL administrator.”
The default account is a member of the Administrator’s group, but it does not have administrative rights. Unless you elevate, anything run under that account runs as standard user.
“The default account is a member of the Administrator’s group, but it does not have administrative rights”
If you’re part of the Administrators group you HAVE administrative rights. That’s why the group is called “Administrators”.
“Unless you elevate, anything run under that account runs as standard user”
No, you are running as an administrative user.
If you’re part of the Administrators group you HAVE administrative rights. That’s why the group is called “Administrators”.
You have the rights, but applications you run do not unless you elevate them. When you log in with an admin account, two tokens are created for that account. One token has full admin rights and the other token is stripped of all rights except those of a standard user account. All applications run using the standard user token unless you give them more rights via elevation.
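The split-token behaviour described in the comment above can be observed on a live system. The following is an added example, not part of the original thread; it assumes PowerShell 3.0 or later on a Windows version with UAC, and `Get-TokenSummary` is a hypothetical helper name.

```powershell
# Added example: report whether the current process holds the filtered
# (standard-user) token or the full administrator token under UAC.
# Get-TokenSummary is a hypothetical helper name, not a built-in cmdlet.
function Get-TokenSummary {
    $adminSid = 'S-1-5-32-544'   # well-known SID of BUILTIN\Administrators

    # Mandatory integrity labels appear in the token as group SIDs.
    $integrityLevels = @{
        'S-1-16-4096'  = 'Low'
        'S-1-16-8192'  = 'Medium'
        'S-1-16-12288' = 'High'
        'S-1-16-16384' = 'System'
    }

    $identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object System.Security.Principal.WindowsPrincipal($identity)

    # IsInRole is true only when the Administrators SID is enabled in this
    # token; a deny-only entry (the filtered token) yields false.
    $adminEnabled = $principal.IsInRole(
        [System.Security.Principal.WindowsBuiltInRole]::Administrator)

    # whoami lists every group SID in the token, deny-only ones included.
    # /nh drops the localized header row so the columns can be named here.
    $groups = whoami /groups /fo csv /nh |
        ConvertFrom-Csv -Header 'Name', 'Type', 'SID', 'Attributes'

    $adminListed = [bool]($groups | Where-Object { $_.SID -eq $adminSid })
    $label = $groups | Where-Object { $integrityLevels.ContainsKey($_.SID) } |
        Select-Object -First 1

    if ($adminEnabled)    { $state = 'Full administrator token (elevated)' }
    elseif ($adminListed) { $state = 'Filtered token: admin member running as standard user' }
    else                  { $state = 'Standard user: not an Administrators member' }

    [pscustomobject]@{
        User            = $identity.Name
        AdminSidInToken = $adminListed
        AdminSidEnabled = $adminEnabled
        IntegrityLevel  = if ($label) { $integrityLevels[$label.SID] } else { 'Unknown' }
        TokenState      = $state
    }
}

Get-TokenSummary | Format-List
```

Running it once from a normal prompt and once from a "Run as administrator" prompt under the same admin account shows the two tokens side by side: the Administrators SID is present in both, but enabled only in the elevated one.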
Thanks for clearing that up.
Like everyone else here, I haven’t taken the time to read up on the Vista security model.
Unlike everyone else here, I’m not anxious to show that I haven’t.
= Heh
more secure than Windows Server 2003 R2?
No, I don’t think so…
more secure than Windows Server 2003 R2?
No, I don’t think so
Uh, dude. Vista is based on the Windows Server 2003 R2 source code.
As far as I know Vista is based on Windows XP SP2, but okay. If you’re right, every firm, every server, should be upgraded to Vista.
It’s not nice to imagine that a server OS is more insecure than a home OS.
From Paul Thurrott’s website:
Future Windows versions will always be based on the most up-to-date Windows version at the time, and today that version is Windows Server 2003 with Service Pack 1 (SP1). When Windows Vista development started two years ago, however, it was originally based on Windows XP. In mid-2004, Microsoft had to restart the core development of Windows Vista because it was too hard to go back and componentize the Windows Vista core code. So when it restarted Windows Vista development, Microsoft naturally used the Windows Server 2003 with SP1 code base instead of that of XP.
So your information is a little out of date.
Edited 2006-10-11 15:02
They have added a lot of new features to the OS that Win Server 2k3 did not and could not do.
An improved firewall with outbound support, UAC and so forth. See here for more details: http://www.microsoft.com/technet/windowsvista/evaluate/feat/secfeat…
Microsoft has made a lot of improvements to the way their software is set up by default, and added in many good ideas that have been out there in the computing world for a while.
Will Vista be uncrackable? Of course not. Will it be more secure? Definitely.
While I won’t debate that it will be a better setup by default, there’s a big mistake that they’ve been doing all over Vista… rewriting things from the ground up. There is an article (here: http://www.osnews.com/story.php?news_id=15399) that details the security holes in the networking stack. That alone is going to kill its security.
Here’s another problem with Security in Vista: UAC. Frankly that solution has only made things worse, not better. Why? Well, no one pays attention to an alarm that goes off every ten minutes…. And UAC is going to be so much a part of the user’s experience that they will ignore it, and always allow everything through… or worse, disable it. That’s BAD from a security standpoint.
I would love to see Windows bring in some honest-to-goodness security guys (like this guy: http://www.schneier.com/blog/) to evaluate, and help design their systems. Ah, well, they’d just be told to do it like unix does things anyway. Oh well.
Edited 2006-10-10 21:20
While I won’t debate that it will be a better setup by default, there’s a big mistake that they’ve been doing all over Vista… rewriting things from the ground up. There is an article (here: http://www.osnews.com/story.php?news_id=15399) that details the security holes in the networking stack. That alone is going to kill its security.
Those holes were identified and fixed by Microsoft before they were even publicized. If you examine what the new stack brings to the table, you’d realize the rewrite was warranted.
Here’s another problem with Security in Vista: UAC. Frankly that solution has only made things worse, not better. Why? Well, no one pays attention to an alarm that goes off every ten minutes…. And UAC is going to be so much a part of the user’s experience that they will ignore it, and always allow everything through… or worse, disable it. That’s BAD from a security standpoint.
Most complaints about UAC are from pre-RC builds, and mainly from power users more likely to perform admin tasks more frequently than average end-users. Many complaints also stem from a lack of understanding of permissions. One of the more common complaints I’ve seen about UAC is not being able to perform file operations on secondary hard drives without being prompted. The simple fix for this is to enable Write permissions on the drive for standard users, but power users that don’t really know what they’re doing choose the sledgehammer approach of disabling UAC altogether. UAC isn’t the problem. People resisting the transition from running as admin full-time to running as standard user most of the time is the problem.
I would love to see Windows bring in some honest-to-goodness security guys (like this guy: http://www.schneier.com/blog/) to evaluate, and help design their systems.
http://blogs.msdn.com/michael_howard
is the guy you’re looking for, and he’s by far not the only security guy at Microsoft. They also have partnerships with several external security firms.
Ah, well, they’d just be told to do it like unix does things anyway. Oh well.
Thank goodness they don’t follow that advice.
Some good points n4cer. Got to take UAC complaints with a grain of salt as most of them are Win Power Users who have f-all idea of security and permissions.
MS is doing a decent job to rectify problems Windows has had in the past and most of them are due to normal users running an Admin account with XP.
That’s 6 years of bad user habits to break. Not going to happen without some whinging on the end user side but the dust will settle after the 1st year and people will wonder what all the fuss was about.
1. As for the fresh new code, you have to remember that they’ve been testing their stuff quite vigorously, so the jury is still out on this one.
2. Unix-esque security is definitely not the ultimate security scheme against modern attacks targeted at home computers. These attacks don’t try to harm the system, but instead simply want to run on it and exploit its resources or display advertisements to the user. These activities don’t require root access, they just require one security hole in any app the user runs.
Unix-esque security is definitely not the ultimate security scheme against modern attacks targeted at home computers.
It’s not the holy grail, but what is?
Many simple design features could help to make it a lot more difficult to take advantage.
These attacks don’t try to harm the system, but instead simply want to run on it and exploit its resources or display advertisements to the user.
What’s the difference? I wouldn’t want that either. And I think hardly any user would.
These activities don’t require root access, they just require one security hole in any app the user runs.
Most users are root by default. I think very few users run w2k/XP professional where you have limited user versus administrator separation.
>more secure than ever
…and they all lived happily ever after :o)
OMG – the same procedure as every year and consumer doesn’t get it.
How long will Microsoft keep underestimating users? How long will they keep fooling them? In my opinion it is starting to be pretty much disrespectful, making promises which aren’t kept up to now.
Yes, Microsoft did a lot of work and they are still learning.
I don’t think they think users are stupid. I think they think users think (still with me?!) MS are the best they can get, and they take advantage of it.
And they’re probably right. MS are on the majority of PCs, preinstalled on the majority of THOSE, and some people don’t even know the difference between Macintoshes and PCs, or between mainframes and servers. So people think if they are on the majority of PCs, they must be the best thing out there, so the majority buy MS for their PCs…. A vicious (virus?) circle.
The majority of people die, but I don’t see them thinking it’s the best thing out there. 😛
Kidding aside, I’m sure Vista will be more secure, but they are so one-sided they only compare to their own products. I don’t see them compare to OpenBSD for instance, which causes people to take their statement with a grain of salt.
The majority of people die, but I don’t see them thinking it’s the best thing out there. 😛
I see your point, but it’s not really the same; dying is not one of a number of products you can choose from! The best comparison that can be made is that neither is something people can avoid 😉
Edited 2006-10-10 21:28
Well, I think XP is secure enough at the current patchlevel. I’m running XP for 2 years now on my desktop with a public connection to the internet (no firewall) and I never have any problem with infections or hackers or anything. The only thing I need to do is install the latest patches and I’m safe to most of the scriptkiddies/crackers. Let’s face it, if a good hacker wants access he’ll get it, no matter what.
Talking Vista, a lot of new features have been introduced and some of these features will have bad, maybe even exploitable code.
It’s not the question if the first exploit for Vista will show up, but when, cause it will definitely.
Microsoft promising security is like White Star claiming the Titanic was unsinkable.
The firm had originally aimed to launch Vista – the first major update since Windows XP was introduced five years ago – in the second half of 2006.
Don’t they mean originally intended to release in early 2005, or so? And later changed it to 2006 when they rewrote a large amount of code in late 2003?
The word “security” can be expressed as many things….the term “fantastic experience” isn’t one of them.
When will MS learn?
“A senior Microsoft executive has promised that its new operating system will be more secure than ever”
Wow…. 0.00000001 > 0.. quite an achievement! 😀
Fantastic experience! Exactly! Nice way to say things, they have, high managers. Are you really expecting him to say that Vista’s security is not better than before?
Edited 2006-10-10 22:28
I understand the need to spin things correctly…..but security should not be something that is experienced…..and if it is, it’s definitely not going to be “fantastic”.
Besides….the “Best Version of Windows, Yet” ship has sailed long ago. Their marketing department is as lazy as their software development.
Technically if you have 1 million vulnerabilities in your last version and now have 999,999 in your new version it is more secure. What they aren’t saying is how much more secure. My guess is … not much.
It’s going to be a “great” experience… probably an increase in mouse-click RSI
Approximately 2 hours ago 1:30 PM PST:
http://blog.washingtonpost.com/securityfix/2006/10/microsoft_update…
2 patches for Vista, MS didn’t disclose which out of the 26, but one likely candidate, an XML bug….
Maybe this will be the only 2….
Edited 2006-10-10 22:46
The firm had originally aimed to launch Vista – the first major update since Windows XP was introduced five years ago – in the second half of 2006.
Wasn’t it really scheduled for 2003??? Tell me if these guys aren’t just forgetful sometimes.
My understanding of Vista is you won’t be able to access certain areas of the OS no matter what you’re logged in as…root, super root, super dooper bad muthaf**kin root, nothing. We’ll see how long that lasts, but that’s what I got out of it.
My understanding of Vista is you won’t be able to access certain areas of the OS no matter what you’re logged in as…root, super root, super dooper bad muthaf**kin root, nothing. We’ll see how long that lasts, but that’s what I got out of it.
You can access all parts of the OS. It just requires you to elevate to do so.
You can fool everybody once.
You can fool somebody forever.
But you can’t fool everybody forever.
HappyLinuxUser
Well any positive value is greater than 0
What an achievement
From my experience the fact that windows has so many security problems is due to a few things.
1. Encouraging the user to run as admin (the default install of XP makes the users you create a member of administrators). This is partly a social problem. As most XP users were coming from win95/98 where any user can do anything to the system. So instead of educating users on how to run as a normal user and do the minimum as admin Microsoft took the lazy approach. It’s also the fault of many software developers who don’t write their software to run properly as a normal user. (I recently installed a program for viewing TV on my computer that created data directories under the root directory of C drive). Most (I say most) Linux/UNIX users are educated enough to run everything as a normal user and do minimum stuff as root.
2. Windows NT/2000/XP has too much crap running by default. Take RPC for example. This opened up a lovely big hole for hackers. Why does a desktop operating system that’s going to be installed on millions of computers connected to the internet need RPC running?
It’s also difficult to turn a lot of this stuff off because it generally breaks something else when you do.
3. It’s too integrated. Especially the idea of having the browser tied to the underlying OS. ActiveX should be taken out of Windows altogether. Its only purpose seems to be to allow hackers access.
My 2 cents
>> Most (I say most) Linux/UNIX users are educated enough to run everything as a normal user and do minimum stuff as root.
It’s not about the users’ educatedness.
Any *n*x installer (and most people end up having to install their *n*x OS themselves) forces you to make up a root password, and later on you can tell the installer what your user name and password should be.
You’ll then automatically be logged in as a normal user by default, and you won’t feel the urge to enter any root password until you are asked for it, by say an update program.
Even if you’d get yourself a preinstalled *n*x, you’d be forced to change your root password, make your own home user account, and then you should log in as a user by default.
This model doesn’t seem very complex, but then, WNU.
(Windows’s Not Unix)
😉
(*Buntu and OS X have the sudo stuff, which is similar except for the fact that the first user will also be root. Nevertheless, passwords are still required. But I much prefer it the above way.)
Don’t forget the abundance of file extensions Windows supports by default of which a lot are potentially dangerous.
How secure can it be? The default user account is STILL administrator. When are they going to design around a multi user paradigm? We all know you don’t run as root on a unix box, I would have thought someone would have told MS by now.
I see people saying this a lot but how exactly does running as a user account help me? If I run a suspect program that owns my user account – I still lose all my stuff. My own stuff is all I care about. Having the operating system owned is the least of my concerns, really.
//My own stuff is all I care about. Having the operating system owned is the least of my concerns, really.//
Not quite. Given that ownage of the operating system can include a keylogger including a credit-card-number sniffer or password catcher or both, and if you happen to use your system for on-line banking or shopping, then you should also be really concerned about any possible ownage of your operating system.
Claiming that a new operating system is secure before it has been properly released and tested in the wild is just marketing hype. There is no way that Microsoft can know for sure that Vista will be more secure until a few months after it has been released, particularly because it contains a completely (or almost completely, opinions vary) new network stack. New software is by definition potentially insecure until real-world practice has demonstrated otherwise.
The same claims were made about Windows XP before it was released. Microsoft trumpeted that it would be the most secure Windows ever and it turned out to be the most insecure OS they had ever released until it was massively patched and jury-rigged back together with SP2.
None of it is over until the fat lady sings, and she’s not going to sing until Vista has been on the market for around six months.
XP was not the most insecure OS they ever put out, it still beat WinNT and all the win9x’s, it just got hit the hardest, because of the number of worms released in the XP gold/sp1 timeframe.
“Not quite. Given that ownage of the operating system can include a keylogger including a credit-card-number sniffer or password catcher or both, and if you happen to use your system for on-line banking or shopping, then you should also be really concerned about any possible ownage of your operating system.”
Or your computer becomes part of a network of spam-sending zombies. Then someone notices the spam comes from YOUR computer, sues you, and you become convicted as a spammer.
Yippie!