| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Security Vendor Claims Microsoft Is Shutting Out Competition | |
|
||
| Time: 01:25 EST/06:25 GMT | News Source: Windows IT Pro | Posted By: Kenneth van Surksum | ||
|
Security solution provider Agnitum claims that Microsoft's kernel patch protection will shut out competing products unless competitors resort to hacker tactics. In an article posted to the company's Web site, Agnitum said that because of the way Microsoft designed its kernel patch protection "it will be more complicated for third-party security software companies to install and maintain their software on Windows PCs. In some circumstances, kernel patch protection may even block the installation of third-party security software." The brunt of the complaint centers around the way some vendors hook into the kernel in order to gain enough control to defend the system against attacks. Agnitum said in order to protect a system developers sometimes resort to patching the kernel. Such a patch might involve changing a service number in the system's Service Dispatch Table so that it points to third-party code. Then when that particular service is called by a program the third-party code is invoked instead of the original kernel code. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 215 Last | Next |
The time now is
10:36:15 PM
ET.
Any comment problems? E-mail us |
| #1 By 478 (80.102.174.121) at 7/31/2006 4:16:08 AM |
| In others words, if MS makes the kernel haker prof, they will be out of busines. MS is so bad to others. Do they want it less secure so that they can sell their services? Just a little bit. You can not have it both ways! |
| #2 By 37047 (216.191.227.68) at 7/31/2006 1:13:14 PM |
| This is a good example of Microsoft having been so bad at securing their OS in the past that a whole industry has sprung up around it. Now that they are cleaning up their act, that industry is obviously going to take a hit. A kernel that was completely oblivious to virii and the like would put every anti-virus vendor into bankruptcy. That is an unfortunate (for them) side effect of MS finally improving the security and stability of their product. Like recreagh said, you can't have it both ways. From my perspective as a consumer / user of MS products, I'll take a stable, hack / virus proof kernel any day over one that encourages an active third-party industry revolving around the security problems in Windows. |
| #3 By 32132 (64.180.219.241) at 7/31/2006 1:57:34 PM |
|
"This is a good example of Microsoft having been so bad at securing their OS in the past "
Kernel hacks are big in the Unix/Linux world. For example, Debian was recently compromised because of a kernel exploit that affects all versions of Linux. http://lxer.com/module/newswire/view/65404/ |
| #4 By 6859 (206.156.242.36) at 7/31/2006 2:20:07 PM |
| #3, that's a local system rootkit exploit. Pretty much, if you have access to the machine, time, and a bit of privacy you can do anything to any computer. Plus Debian fixed their error within, what, a day? Not too bad, all things considered. |
| #5 By 15406 (216.191.227.68) at 7/31/2006 4:22:42 PM |
|
#4: No, Parkkker's right. One single kernel flaw that was fixed in a day is about the equivalent of 20+ years of MS' poor security practices over a plethora of applications and operating systems.
|
| #6 By 32132 (64.180.219.241) at 7/31/2006 5:14:00 PM |
|
#4 That is the 2nd time in 3 years that we know about for Debian to have a server exploited.
|
| #7 By 32132 (64.180.219.241) at 7/31/2006 5:15:51 PM |
|
#5 http://www.atomicmpc.com.au/forums.asp?s=2&c=22&t=284
"In the last 2 weeks, 2 linux kernel local root exploits have been published and source code for both is now roaming in the wild. The first http://www.securityfocus.com/bid/18874 is a simple bug in the function prctl(). When this function is used to set a specific flag, any core dump performed by the program will be owned by root. A common way of exploiting this is to change directory to /etc/cron.d. Seg fault your program (the exploit), causing the binary of the file to be dumped there. The only readable part of the binary will be any strings (when correctly formatted). If you place a correctly formatted string in the code, that resembles a cron job, then that job will be executed with root privilages. The second http://www.securityfocus.com/bid/18992 is a race condition exploit. I haven't got around to understanding how this works, however the exploit code provided works on all distro's I've tested it on (ubuntu, gentoo, debian unstable). These are 2 particularily nasty lcoal root exploits found in the 2.6 kernel and I recommend anyone running 2.6 patch their kernel immediately. " |
| #8 By 32132 (64.180.219.241) at 7/31/2006 5:22:24 PM |
|
#5 "One single kernel flaw ..."
http://secunia.com/product/2719/ According to Secunia, the 2.6.x Linux Kernel has 91 Secunia Advisories. 14 of those are "multiple vulnerabilities". 28 of those 91 (well, actually, over 100) are from 2006. coffee girl can't count very well. |
| #9 By 8589 (71.91.118.117) at 7/31/2006 6:22:40 PM |
| This is not about LInux. This is about Windows. Leave it at that, or don't comment. |
| #10 By 32132 (64.180.219.241) at 8/1/2006 12:22:01 AM |
|
#9 I try and keep things in perspective.
http://dictionary.reference.com/search?q=perspective "The ability to perceive things in their actual interrelations or comparative importance" When people try and trash Microsoft's security record, I try and keep things in perspective by pointing out that other companies track records are in fact much poorer ... but they just don't get the publicity. |
| #11 By 12071 (203.185.215.144) at 8/1/2006 2:59:40 AM |
|
#1 They're not making it hacker proof - hackers are still getting through, note that Agnitum claims that the only way they will be able to access ring 0 is by resorting to hacker tactics.
What this story boils down to in the end is Microsoft changing the access to the kernel and a 3rd party developer complaining that they will have to re-write part of their code and/or re-architect it in the worst case scenario. Tough... Hopefully they had good technical architects working ont he application in the beginning meaning there will only be 1 or 2 interfaces that they will need to modify. You can't whinge about this to no end! However, the real question is where's lketchum to tell us how "Parker tends to look at the positive elements" like he did in #12: http://www.activewin.com/awin/comments.asp?HeadlineIndex=35945&Group=1 |
| #12 By 32132 (64.180.219.241) at 8/1/2006 12:13:25 PM |
|
#11 I'm positive Microsoft has not had 28+ kernel vulnerabilities in 2006.
And I'm positive coffee girl is regretting the claim the Linux has had only "one single kernel flaw" over the last 20 years. This post was edited by NotParker on Tuesday, August 01, 2006 at 12:18. |
| #13 By 15406 (216.191.227.68) at 8/2/2006 9:13:54 AM |
|
#12: Geez, you can't type two sentences without having to go back and edit.
I'm positive that I want fries with that. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 215 Last | Next |
The time now is
10:36:15 PM
ET.
Any comment problems? E-mail us |
