Windows Vista PreOS Environment: What happens before the OS loads

Great interview so far (still watching). Any reason it was cut at around 31:02?
After watching the whole thing, I have to agree with the other comments that this is a fantastic video. Mark explains everything crystal clear. I really liked the explanation of the different user roles.
Charles wrote:Mark's lessons on Vista's fundamental security model was much more interesting.
Pls pls pls do more interviews with Mark.
Really great interview, Mark is really great too
Thanks for the video
unforgiver wrote:I think this is good video. But the question is - why there is a cut at minute 31? Does he said too much there? Can we see "directors cut" version of this video? Second question is: If debugger knows where the exes and dlls reside what is the problem to take the debugger, see what it is doing and use the same techniques to mess around with the system?
Thanks Mark and Charles. In vista context, is there any changes/improvements/apis for Services that need to impersonate users (i.e. job scheduler, etc)? Or you still need to use LogonUser api with a stored/encrypted password? It would seem, if your admin, you should be able to impersonate a user without a password (and maybe just a audit entry to show you did). Or maybe even a policy to allow admin impersonate right only from a service or something. tia
Passwords are still required to logon user accounts. While its technically possible to create a session that represents a user without using their password, there would be many serious limitations that make that approach problematic. For example, a user's
protected storage area, including their EFS keys, can only be unlocked with their password. In addition, Kerberos network authentication requires the password and so none of the user's network resources would be accessible.
Thanks for the nice feedback, everyone. Glad you enjoyed the interview
Mark Russinovich wrote:Passwords are still required to logon user accounts. While its technically possible to create a session that represents a user without using their password, there would be many serious limitations that make that approach problematic. For example, a user's protected storage area, including their EFS keys, can only be unlocked with their password. In addition, Kerberos network authentication requires the password and so none of the user's network resources would be accessible.
Thanks for the nice feedback, everyone. Glad you enjoyed the interview
Mark Russinovich might be the best mind at Microsoft. Clear spoken, he makes even the most complicated topics somewhat understandable to the rest of us. I would give up my next child to spend some time with him (that's a figure of speach).
PsTools, Filemon, and Regmon not only simplified my life, but gave some insight into what my network was really all about.
We need more of this guy on channel 9, he is the great communicator of the IT world!!!
Thanks for having him.
Comment removed at user's request.
I had a really good read on this, very detail,
and very useful information.Thanks.
Hot iPhone Converter
http://www.iphoneconverter.com
mark is king of hte kernal
With regard to ~19:00 of the video and the discussion about the *Setup|Install*.exe heuristic:
Didn't Mark miss an important point about the finding?
The claim was that any file with setup or install in it would automatically be given admin privileges which is a security risk, and Mark's rebuttal is that it's not a security risk because "99.9%" of those files are indeed installers.
But the problem isn't with the executables that *are* installers, they never had security issues to worry about in the first place. The problem is with executables that are *not* installers and pose as one to get free admin rights. Is there anything else guarding an application from exploiting that? If not, then how is that a secure heuristic? I'm confused as to how Mark missed that, and I hope it's because it's something that I missed in my understanding of the issue.
i want how to securing cluster and bad sector in hard drive?becuse the bad cluster and bad sector very cover the hard drive free space and do'nt read in there secter and cluster:):O
What an interview it was!
I second the positive comments here about the great video, and Mark Russinovich is awesome indeed.
娘子convert to iphone我convert to iphone欠convert to iphone你convert to iphone太多convert to iphone的溪边河口