Several new security-promoting technologies are to be built into Longhorn. These include an ability to periodically check user’s systems against new security fixes in a centralized patch database, and to institute far more stringent access controls and permission levels. Read the article here.
Longhorn Security: Real Or Just Bull?
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
as long as IE is built in Windows, I can’t trust it as “secure”
“This can have dramatic increases in digital rights management and the ability to run trusted code securely on a PC — which you cannot do today,”
Trusted by whom? By me, or by Microsoft? I don’t like the idea of having *anyone* other than myself determine what code is to be trusted on *my* machine. In the workplace, fine, but not at home. But I fear the masses of Joe and Jane Users will flock to the new OS from Redmond: “Ooh, shiny!”
My FreeBSD’s security levels are more than adequate to keep anyone from tampering with my system. No matter how hard anyone tries, security can only be implemented by those who know what they’re doing.
For the average end user Longhorn will probably just bring a lot more restrictions to the user experience while still experiencing security problems.
The only remedy against ignorance is education. I’ve used Windows and MS DOS for literally decades by now, and *NEVER* had to deal with a single virus or spyware program. All these years of experience probably taught me how to deal with MS operating systems so that I’m ahead of the curve security-wise.
Why does everyone these days seem to think that you can use a general purpose computer without knowing the slightest thing about how it works inside?
It took me lots of lessons to get my driver’s license, including basic theory on how a car engine functions and a few quick fixes to common problems that will get me home in a pinch. I’m by no means a professional car mechanic now, but putting a complete and utter newbie behind the wheel of a car is a recipe for disaster.. same goes for computers, no matter what security measures you put into place. I’m not saying newbies are in any way at fault for not knowing, but anyone who owns a computer should expect at least a small time investment in learning what makes the thing tick and how to deal with smaller issues.
“This can have dramatic increases in digital rights management and the ability to run trusted code securely on a PC — which you cannot do today,” LeGrand said.
Hmm, I didn’t realize that a chip(set?) technology could talk. Forget about DRM, we should worry about the CPU spilling our secrets!
lol, noticed this too
i was already sceptical about DRM but now with talking chips i am scared for real
oooh more permission levels… just what microsoft needs: more security features that will either be disabled by default or need to be disabled in order to use windows properly.
everyone i know who’s installed XP SP2 has ended up disabling the majority of the security features because they’re an annoyance.
and i’ll even stop “baaa”ing for a second: both linux & windows fall into the trap that “security feautures” = “secure by design.” end users hate most “security features” and rarely understand or care about any of them!
ftp/telnet had it right: just keep people from even logging in as root and you’ve already drastically minimized security risks
> I love watching Linux users
How do you know they’re just linux users? What about FreeBSD, AIX, Solaris, Mac OS X, a derranged Amiga user* etc. I think this belief is held by anyone who doesn’t use windows and many who do.
* I’m sorry for offending all 10 of you
jk
Well, considering that Microsoft has a penchant for making inanimate objects talk, starting with paperclips… CPU chips do not seem a far extension 😉
Windows or anything else will never be secure, so long as you can get the lemmings to wreck their own system by promising them nude pics of J-Lo.
Longhorn is going to be a hybrid OS: It will have a BSD kernel and a Win32 module.
Highly doubtful. They may have an api layer or system modules for running some *nix stuff (like the current NT has a POSIX layer) but MS has invested too much time and money into the NT kernel to dump it.
Also the NT kernel is not the issue, its some of the services and components above the kernel that need fixing.
This article wasn’t a serious security article. They had no real detail of how security vulnerabilities are going to be fixed, that I could see.
From this “article” we are going to have more permissions to take away from people, (but unless privilege escalation is locked down, whats the point) and supposedly better patch updating (a secure system that can be locked down should need less patches)
I’m yet to see real detail on how longhorn and .Net will really lock down the exploitation of unmanaged bugs, privilege escalations and deliberate security holes.
“I’m by no means a professional car mechanic now, but putting a complete and utter newbie behind the wheel of a car is a recipe for disaster.. same goes for computers, no matter what security measures you put into place. I’m not saying newbies are in any way at fault for not knowing, but anyone who owns a computer should expect at least a small time investment in learning what makes the thing tick and how to deal with smaller issues.”
I agree with you completely dude.
Look up ‘A Tale of Two Kernels” on google. Linux is just now implementing a lot of what NT has had for a long time. The problem with windows is two fold. IE is a disaster and PC vendors like Dell open up every service port known to man.
They are going to bundle Services For Unix in Longhorn.
the problem is that Microsoft still don’t understand what is needed to create a secure system. They think that it is just another feature that they can tick off the list, and then get on with other things. Security doesn’t work like that it is a process and design philosophy not a product that can be bought in then boxed and shipped.
While I expect that Longhorn will be the most secure system that Microsoft have ever built, once they get out of Copeland mode and actually ship it, until they get their colective heads around the design philosophy shift needed to produce secure software the bugs adn holes will creep back in.
Microsoft is confusing security with DRM. They aren’t preventing bad software from doing bad things to the computer, they’re preventing lawful owners from doing what they want with their own computer. It’s more about pleasing the RIAA and MPAA so that they back Windows codecs for media than about securing your computer from viruses or trojans.
Everything they’ve talked about is only effective against the average user who is ignorant of how computers work. It will have no effect on the experts creating viruses to steal your personal info and turn your computer into a zombie. Longhorn will not protect your computer from viruses, but it WILL protect the RIAA and MPAA’s precious “IP” from the average user.
Security? Or DRM?
Microsoft is confusing security with DRM. They aren’t preventing bad software from doing bad things to the computer, they’re preventing lawful owners from doing what they want with their own computer.
No they aren’t. Take a look at Windows XP SP2 RC2 for an example of the security features that have nothing to do with DRM which were in fact backported from Longhorn builds. System libs have been recompiled with Microsoft’s equivelent of ProPolice, the OS will take full advantage of CPUs like AMD64 that have an NX bit (which stops buffer overflow type attacks cold), more extensive use of group policy thruout the OS, a new hardened firewall that blocks all incoming traffic by default, saner default settings in IE and OE, as well as everywhere else in the OS.
The DRM is there, but it’s a seperate beast from the ton of real security features being implemented. I just hope that you realize this now, because from the looks of things, Windows may well be more secure than Linux in the next two years. I’ve seen Microsoft locking things down, while (for example as they are fairly representitive) Red Hat ships an OS with countless services running, no stck protection (yet, it’s in Fedora), and only a firewall to provide any real security from the outside world, which does nothing to protect against local (I’m not talking about people with physical access to the box) users.
I’ve been using a slipstreamed Windows XP SP2 RC2 installation since it was released, and my on going testing only makes me feel safer using it than the current crop of Linux offerings (although the BSDs do much better, and I’d take any of them over Windows anyday when appropriate).
Everything they’ve talked about is only effective against the average user who is ignorant of how computers work
Not true. Some of the things I’ve mentioned are built right in, and even “experts” would be unable to do too terribly much about them (recompiled libs, etc.).
It will have no effect on the experts creating viruses to steal your personal info and turn your computer into a zombie
It most certainly will have an effect. They will have to rely more on tricking gullible users to open unsafe attatchments or similar things (which aren’t covered by the stack protection or NX), in order to get their software running on the machine. However, in all likelyhood, Longhorn will have anti-virus software builtin (gawd I hope so), so it would be able to remove known malicious code, and the user would actively have to shut that down (yeah, it happens, people who thing they are “experts,” or who think that they can get a significant performance boost by having done so) in order to bring the threat level back up.
Longhorn will not protect your computer from viruses, but it WILL protect the RIAA and MPAA’s precious “IP” from the average user.
Like I said before, it very likely will protect your computer from viruses, and it already protects against the majority of worms. Yes, the DRM can and will be used to lock down other people’s IP, but it can (and if you’re smart) be used to lock down your own files, both on your own machine, and off.
Get a grip son, Longhorn is turning out to be a very secure OS, especially when compared with older versions of Windows, or most current Linux distributions.