I just wanted to say, PatchGuard, or the hypervisor, will only make crackers move up one level. They will use the APIs to the kernel and do what they want, in the same way the security vendors are using it to do their dirty work.
But if MS added heuristics to detect malicious software behavior, then this can be reduced by 60-70%.
Hey, being clothed is better than being naked. Pre-Vista, the kernel was naked; now it has some clothes on.
MS should have moved the Windows kernel from Ring 0 to Ring 1 in that onion. PatchGuard can then secure Ring 1 code. This way you get rid of the impracticality of securing code with the same privilege level that exists in Vista.
Or, MS could introduce zones within the kernel layer, where one zone would have more privilege than the other. Kind of like the throne and the king's servants. Or the nucleus in a cell. Zone 0, Zone 1, Zone 2. Zone 0 runs the hypervisor and heuristics; Zones 1 and 2 run the kernel and other stuff.
Anyway, I look forward to seeing the cryptography in Windows Vista and socket security. Will certificate substitution (man-in-the-middle attacks) work in Vista as before, or not?
What about ASLR (Address Space Layout Randomization), which was introduced later in the dev cycle into Vista? This was already present in open-source OSes and Linux. It was supposed to make the odds of a successful buffer overrun exploit 1/256, because each time you restart Windows Vista, the system resources that are loaded into memory are loaded into a random address space. It helped Linux be more secure than Windows in the past, and it's a plus in terms of security. But in the Linux world, crackers found a way around it with memory search tools and things like that. I don't know how MS implemented their ASLR, but it would be cool to know more about it.
Rootkits will still work in Win32 Vista, although it's much harder now. Even if people were not able to patch the kernel anymore with rootkits, they might patch process memory space with DLL injections and impersonation. Does Vista check at run time if a process has changed? Suppose a DLL injection happened at run time for a process running in Windows Vista; would Vista block the injection, or would it allow the injection but crash the application or stop its execution?
What applications can access raw sockets? Does Windows check?
Thanks for part 2. It's cool, and I am looking forward to seeing the crypto video (if it will be done) on Vista and the new innovations as compared to the pre-Vista era.
Edit: Since we are in the Security zone here, how secure is the firewall in Vista? Will it prevent LAN attacks, like ARP poisoning, MAC spoofing, things like that?
I think a lot of concerns I had with Vista's security have been addressed to some extent in this video.
I realize that Vista is just a snapshot of the roadmap to Windows Vienna. The innovations in the security area with respect to the Windows OS will match those of Unix and Linux, and when Vienna comes out, it will be a matter of flavor to run Unix versus Vienna, rather than by security criteria.
The hypervisor technology and virtualization at the kernel level is one reason I say this. The heuristics code that will check suspicious behavior in the system will cripple rootkits significantly.
I wish MS had enforced the signed driver policy on 32-bit systems also, and worked with vendors to recompile their drivers and sign them to work in a digitally signed world.
The future is bright for the Windows OS, because Windows has been hammered for the past 20+ years more than others, and it has not been killed. So what does not kill you only makes you stronger. I see this applies to Windows, and it's very true.
I also realize that you cannot make a 100% secure system, because technology is always evolving. But at least MS is raising the bar higher, so that only capable engineers would be able to jump the bar, and the majority of script kiddies are blocked.
This is very cool.
If people had waited 2 more years, we might have had a more secure system than Vista. Vista is claimed to be more secure, but it's not tested in the wild. So its security is to be verified by how it stands up to hammering by the outside world. Vista's new innovative security features make Windows more secure by default than XP (in the out-of-the-box sense), but not "secure" in the absolute sense of the word.
So we can watch and see how Vista does, and wait patiently for Vienna.
Again, thanks for giving us this inside look into Vista's security. You asked a lot of good questions that I myself, and I am sure others, have wondered about, and got them addressed at least in part.
Questions to Andres: when is it going to be harder for MSIL to be decompiled into rich code? Can the C# compiler (managed compilers) have obfuscation natively in them, so I don't have to worry about my assemblies being decompiled on the fly?
Also, when will drivers be written in managed code?
With LINQ, from a performance perspective, is using LINQ to query SQL more efficient, or using SQL stored procedures?
Lastly, what is going to be in C# 4.0? (A C# transactional programming model for multi-core processing?)
I wish Windows Firewall had preset rules for known applications, based on application signatures downloaded from Windows Update. This way a user would not need to configure the firewall; rather, Windows would apply the trusted settings from Microsoft for the given application. So if malicious impersonating software somehow gets onto the machine, it is unable to connect to the internet, because of the proactive defense of the Windows Firewall.
How many users know how to configure NAT or the Windows Firewall? I bet not many even know how to get to it on their machines.
Secondly, given that Vista's networking stack is virgin, how can we assume that it's secure before it's tested in the wild for some months and years?
So in a nutshell, the IPv6 protocol is identical to IPv4 (in terms of packets), but IPv6 allows more addresses, because now you have a large number of permutations with alphanumeric strings.
What about the security of the new networking stack? With NATs, you were able to protect yourself from worm attacks, because the NAT will drop malicious packets, and it's as if you have a good hardware firewall.
With Windows Vista, you have the Windows Firewall replacing NATs in software, but still, software is not like hardware, as it's error prone.
So, now if we can get a demo of how to program in .NET and unmanaged code (C++?) against IPv6, and what, if anything, is new in terms of programmability.
Does IPv6, and this tunneling technology, help lower costs of bandwidth for companies?
Will we be able to use secure protocols by default in our everyday communications? Have every Windows machine send encrypted packets using something like the SSL protocol, so the whole internet would become secure? I think public key crypto is good. (Every machine that wants to talk to me would get my randomly generated public key and send me a private message, and vice versa.) This would prevent packet sniffing and exploit trials.
But very good video. Keep it up Charles, always bring us the cool stuff.
Are there plans to include in the .NET Framework classes and support for audio and video? Like capturing and recording audio from your microphone and being able to stream that, or capturing a live feed from your camera? Is there a plan for this to happen within the .NET Framework? It would make it easier for developers to include video in their app, or allow live support using a mic.
In general is there a way to make it easier to work with hardware in the machine through the .NET Framework?