| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Microsoft faces up to security threat | |
|
||
| Time: 11:48 EST/16:48 GMT | News Source: VNUNet | Posted By: Todd Richardson | ||
|
Microsoft chief executive Steve Ballmer has acknowledged that security is as big an issue for Microsoft now as were its antitrust battles with the Department of Justice. Speaking at the company's worldwide partner event in New Orleans, Ballmer unveiled the security technologies that will feature in the next upgrades of its desktop and server operating systems, and pledged to make patching easier. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 330 Last | Next |
The time now is
7:04:18 AM
ET.
Any comment problems? E-mail us |
| #1 By 1845 (12.209.152.69) at 10/10/2003 2:30:34 PM |
|
When was the last time a major virus or worm took advantage of an ActiveX/email exploit? Unless you are referring to calling the Outlook address book from an attached .vbs file, which, strictly speaking isn't an exploit nor is it mail that's the issue. There are two issues with every email worm social engineering (stupid users who click on attachments) and lack of code access security (executing code from an Internet source with full permissions).
Stupid users + anything = bad This post was edited by BobSmith on Friday, October 10, 2003 at 14:31. |
| #2 By 2459 (24.175.137.164) at 10/11/2003 2:53:38 PM |
|
#4 Actions like .NET, NGSCB, Rights Management, PC Satisfaction, increasing the visibility and readability of security bulletins and procedures for laypersons, defaulting the firewall to enabled, making it easier to enable services only for the needed task and the IE hardening kit in Server 2003, disabling most attachment types by default since Office 2000 SP2, and converting the codebase of their products to managed code don't speak loud enough?
Like you said, these things take time. About the only thing they can do is say "bear with us" when they're asked the same questions everyday. Being a competitive and public company, they also can't give full details of various initiatives long before they are final. To go from announcement to production in 2 - 3 (around 5+ if you count back to the original announcement of NGWS in the 90s) years for all major products should be a pretty loud statement, especially with a number of people (including the same press that keeps asking "when?") fighting every security initiative they've started. Since this problem isn't exclusive to MS, people should be wondering why MS is the only one taking these kinds of major steps to harden their codebase. What other mass-market entity is currently moving away from unattested code for their products? |
| #3 By 1845 (12.209.152.69) at 10/11/2003 8:45:20 PM |
|
"Not really, that's the bare minimum of what should be done."
Um, more than most vendors do is only the bare minimum of what should be done? Interesting. Rights management and .NET have nothing to do with security? What does security mean to a business? The ability to ensure data doesn't go where it shouldn't go or be used where it should be used. What does rights managemet do? It ensures data doesn't go where it shouldn't go. What does the .NET security model do (speaking specifically of code access security)? It makes sure applications aren't use how they shouldn't be used. It is far more granular than either the Internet Explorer (zones), ActiveX, or Java security models. Hardly any of that stuff will make the end user more secure? If you run a .NET executable via the browser, due to code access security, it will be severly limited in its abilities. It will only have protected write access, won't have read access except via OpenFileDialog, it won't be able to touch the registry, etc. Unlike an ActiveX control, which is all or nothing, .NET in the browser has degrees of permissions. This makes the end user more secure. NGSCB will prevent one app from spying on another app. No key loggers. No memory space hijacking. No rouge reads and transmissions of sensitive stored data. This makes the end user more secure. Rights Management. I've already covered it. New security bulletin format. This aids in user education. The more the end user understands about his PC, the better able he is to have a secure environment. This makes the end user more secure. Default firewall to enabled. This protects the end user, by default, from network based attacks. Quite obviously, this makes the end user more secure. IE hardening. This prevents scripting, ActiveX, etc. by default. This reduces the attack surface of the browser. This makes the end user more secure. Attachments in Outlook. This prevents users from being able to execute rouge code. This makes the end user more secure. I find it interesting that in the beginning you say this is the bare minimum of what should be done. Then you say, most of these have nothing to do with security. Finally, you say, when comparing to other vendors, that these are major steps. Which is it, your audience doesn't understand you. Reactionary security measures. What major vendors have implemented code access security in their APIs? What major vendors support rights management for a myriad of file types even when those files are outside of traditional security means (e.g. file/network permissions)? What other major vendor has implemented or has plans to implement protected storage, protected memory, protected input (mouse, keyboard), and protected output channels? What other major vendor is actively trying to educate the end user via white papers, web based (HTML or video) walk thrus, tools (MBSA, HFNETCHK, WindowsUpdate, etc.), and easy to read for the layperson security announcements? |
| #4 By 2459 (24.175.137.164) at 10/11/2003 8:49:16 PM |
|
Rights Management deals with the security of data on your computer. It controls who has access to the data and how it can (or can't) be used. This can protect you from IP theft or identity theft by controlling the flow of sensitive documents or valuable data.
One of .NET's major features is security. It deminishes the attack surface area by strongly typing data, and checking code boundaries to prevent buffer overruns and other coding errors that are the subject of exploits today. It also limits how code is run (or prevents it from running altogether) depending on the level of trust it is given. Code can also be prevented for using other applications to gain greater trust. This will have a big impact on making the average user more secure by not allowing code access to exploit the system unless it can prove itself trustworthy based on a number of criteria. Longhorn's attack surface will be greatly decreased due to the majority of code being managed. Similar benefits will come with the Longhorn wave of applications such as Office 12. NGSCB working alongside .NET and the OS will serve to further insulate data, the OS, and applications from attack by adding another layer of protection in hardware. Despite what is said in the media, MS didn't just up and take notice of security in the last year. If that were the case, NT wouldn't exist, nor would they have announced NGWS (now .NET) over 5 years ago, etc. MS is not the only one taking these kinds of major steps. So other major vendors are converting their unmanaged codebase to managed code or doing full rewrites in managed code? Other major vendors are promoting hardwre-based security for mainstream use? Others are protecting the distribution process of data? I don't see this. I see limited improvement over current offerings due to hype about current offerings being good enough and more secure than Microsoft despite evidence otherwise. I see a greater dependence upon a Unix(like) codebase and unmanaged C/C++. I see an overt double-standard when comparing MS software quality to that of others. Above all, I see a severe lack of treating those who seek to exploit systems as criminals, and instead, blaming the vendor because their lock was picked, instead of punishing the guy that picked the lock. No security is absolute, and complexity dimishes security. Users also need to take responsibility for their actions. Most of the more successful exploits spread because of users deliberately executing files from unknown sources. Those same users couldn't click an icon to apply a patch that would've fixed the vulnerability weeks, (months in some cases) before the release of exploits. Many users also run without a firewall (despite some claiming to be advanced users). When people don't take the most basic precautions, it's hard to protect them. NGSCB, especially, should help with this issue, but even it wont be a catch-all. When you give them protection, some will not know what they're doing, or see it as somehow "evil," and turn it off. As long as the platform is open, there are going to be issues. This post was edited by n4cer on Saturday, October 11, 2003 at 21:01. |
| #5 By 135 (208.186.90.91) at 10/12/2003 3:25:11 PM |
|
Halcyon - "MS is not the only one taking these kinds of major steps, it is probably more like the last one to consider doing so. In fact, it was comparing MS products to other products which made MS pay attention in the first place."
Interesting, because I'm not aware of any other vendor that is taking this seriously. Not Sun, not Oracle, no Linux distributions... Oh sure they talk a lot about it, and make claims like their software is bulletproof. But the facts don't support their claims. |
| #6 By 135 (208.186.90.91) at 10/12/2003 7:18:36 PM |
|
cba-3.14 - "what is with you advocates?! can''t you just admit reality."
I only speak towards reality. |
| #7 By 1845 (12.209.152.69) at 10/13/2003 5:14:39 AM |
|
halcyon, you're very good at not producing a valid argument and not refuting others' valid arguments. Kudos to you!
Rights management might not deal with platform security, but it does deal with data security. Even if you can compromis my system and steal my data. If, thanks to IRM, you can't open the document you stole, you haven't hurt me too much. Imagine if an IRM schema had protected Valve's code. Though stolen, it would be very hard to open (unless the IRM encryption could be cracked). FYI, there are applications (Microsoft Office Outlook Business Contact Manager 2003), Services (ASP.NET runtime), etc. (TabletPC and MCE platform and apps) written in .NET. Vendors is the right word. People who write commercial software are software vendors. It sounds like you are a bit bitter for some reason. I don't know what and won't pretend I do. I will say, though, that you aren't articulating your position and your arguments are very weak. Most OSes have security exploits. UNIXes and Linuxes, just like Windows, have all had remote admin/root exploits. Pretending that Windows is oh so flawed and the others aren't (or are just barely flawed) is just plain folly. |
| #8 By 2459 (24.175.137.164) at 10/13/2003 6:05:21 AM |
|
#9, rights management isn't security, it's just control over a file. It's not making it harder to exploit holes in Windows. Rights management solutions have been around for a long time on pretty much every platform.
So, I guess ACLs aren't security either. Even though they control who can and can't access certain OS resources. Rights Management is very much security. Security implementations revolve around rights management in one form or another. When an admin sets up a network and only gives you a limited account and locks down the OS so you can't install apps or run with full permissions, that's rights management. Focusing directly on rights management for specific data does control access rights to files, but this goes hand-in-hand with hardening the OS and supplementing the OS' usual file permissions controls. Ask yourself this: Would you rather have your sensitive info stored on an OS that only offers protection for that data through the usual user permissions controls (will fail if the OS is exploited and the attacker is able to escalate his priviledge to your level), or would you feel safer if the data was protected by the file format and other supporting services in addition to current basic OS protections? If I copy the file now (unless it's encrypted), I can read it. Even if encrypted, I may be able to break the encryption and read it. On top of that, I can distribute the data as much as I want. Add focused rights management into the mix and I can control how the file is distributed to the point where it can only be opened on my computer and with the aid of several forms or attestation to first prove I'm the owner of the file. There is no way this isn't security. .NET doesn't help this either. None of the applications/services/etc run in Windows are programmed in .NET. Some applications and services are already coded in .NET. Business Contact Manager for Outlook 2003, ASP.NET, Windows Media Center Edition's interface, Corel Grafigo and several TabletPC apps, Microsoft CRM and Sharepoint packages. MS is moving fully towards managed code. The majority of Longhorn will be .NET (only kernel space will remain unmanaged), Office 12 will be managed, SQL Yukon hosts the .NET runtime. From now until Longhorn, you are going to see a major shift to managed code and the security benefits that accompany this shift. No, the bare minimum of what should be done is what Microsoft does. I'm not sure if "vendors" would be the correct term but most other OSes do more than the bare minimum. Most OSes are closed off until the user enables things themselves You mean like Windows Server 2003 and the upcoming XP SP 2? Besides this, have you seen the major Linux distros or other popular OSes? They have just as many services enabled as MS for the typical desktop installation. |
| #9 By 2459 (24.175.137.164) at 10/13/2003 6:05:43 AM |
|
have less exploits to allow foreign code to run, especially on software that's enabled by default...
Haven't looked at Red Hat's security page lately, eh? The other OS vendors aren't any better, except maybe OpenBSD where you can't do anything by default. Once you open it up, it goes downhill as well. Worms/trojans are currently a problem that .NET or DRM could never fix, and Windows is very exploitable. .NET could prevent the code from running in the first place depending on the circumstances. Rights Management would protect your data from being read by the bad guys if the worm or trojan sent it back to them. NGSCB, which you forgot about, could keep the worm/trojan from even affecting your OS, data, or other applications. All of this is about security, and no one is taking steps this significant other than MS. Their competitors are looking on in jest and doubt, thinking MS won't succeed -- habbit, I guess. The worst thing is that they should be taking this issue as seriously as MS because their problems are just as numerous as MS' if not moreso. They can ridicule MS, but by not taking similar actions, the risk is at their current and potential customer's expense. |
| #10 By 1845 (12.209.152.69) at 10/13/2003 5:37:11 PM |
|
#17 you make no sense. You've haven't addressed my arguments. I've argued that you are wrong. I stand by what I have said.
An OS (well all software) is made of APIs. If the OS is flawed, than its APIs are flawed. Besides, you were talking about security. Who cares what the article mentioned. The point is, Microsoft has and continues to put significant resources into security - system integrity, data protection, etc. These efforts aren't the bare minimum as you suggest. Many are similar to what others have done, some improve one what others have done, some are unique to Microsoft. |
| #11 By 1845 (12.209.152.69) at 10/14/2003 12:09:32 AM |
| It's obvious that you're mad, but why don't you address my arguments. You haven't addressed .NET, IRM, NGSCB, etc. You've just brused them aside, which is rather foolish. You haven't addressed the fact that all vendors face similar challenges and security issues. You've simply attacked Microsoft. Once again, kudos to you for doing taking the easy way out! |
| #12 By 1845 (12.209.152.69) at 10/14/2003 2:27:11 AM |
|
You sure are/were mad. Your refutations still don't make sense.
At this specific instance there are few apps that use .NET. So? This will not always be the case. In time, just like COM became the default platform for code in the 90's, .NET will become the default platform. Most of the OS itself will be .NET. It's interesting that you mention Java, which does have a certain sandbox, but is far from the granularity that the CLR offers. Boring? Actually, it's the future. If you plan on doing anything with Windows, plan on .NET. IRM. If you use WMP to protect your files, then no 3rd party is controlling them, are they? If you use IRM to protect your documents, then no 3rd party is controlling them, are they? The issue here is data security. Even if your system is compromised, you want your sensitive data protected. There is more than just system security to worry about. Remember - defense in depth. To minimize risk, you increase the number of steps - use AV, use firewalls, use ACLs, and physicall restrict access to your computers. Even if all of these fail, IRM can still protect sensitive data. This isn't hot air, unless you don't care about your data. Yes, it is true, many DRM formats have been cracked. Nearly every code every produced has been cracked too. Most would agree it is impossible to 100% protect anything, but that doesn't mean you should make it easy for attackers either. SSL has been cracked too, but that doesn't mean that I'll let my credit card numbers travel over HTTP w/o SSL. NGSCB. Once again, the year will not always be 2003. When Longhorn is released, NGSCB will be in it. Users don't want it? You said you wanted a more secure system. If you really don't want one, then what have you been whining about for the last two days? Um, if you have ACLs on your files, you can prevent modification of any files, system or otherwise. Tell me, when you install GNOME on Solaris (or pick your *n*x flavor), do you have to install a GTK/+/# runtime? Often, apps need to install/upgrade system files, so that apps can run. This isn't a bad thing. The bad thing is if the user installing the app wasn't supposed to have permission to install the app and modify those files. If there user was allowed to do something he wasn't supposed to be allowed to do, that's the fault of the admin, not the app. Windows is no more inherently flawed than any other major OS. For security, OpenBSD is about the only OS with a respectable reputation. I find Windows a heck of a lot more useful than OpenBSD, though, so I sacrifice security for usability. Hundreds of millions have made the same choice. FYI, the next time you aren't trying to start an argument, you might want to avoid words like "I have a doubt, isn't this the 4th time they've said they would focus on security? I know these things take time, but actions speak louder than 'please bear with us' notes." The connotation is very negative. |
| #13 By 1845 (12.209.152.69) at 10/14/2003 5:00:21 AM |
|
What this means is that every OS is insecure. You know that every OS has security bugs and has been hacked, right? .NET/NGSCB are efforts to increase the level of security. Since a 100% secure system is impossible, by definition, every system is insecure. When you single out Microsoft, you imply that other systems are 100% secure.
IRM/WMP - To be honest, I don't see too many users wanting to secure the files they rip from CDs anyway. Whether this has or hasn't been patched doesn't really matter to me. (IIRC, v7 was the only version cracked). As for what key you use for signing, if you want to be technical, YOU almost never sign anything at any time with a key YOU create. You get a key from someone else - Thawte, VeriSign, EquiTrust, or have your OS gen one for you. Even if the OS gens one for you, YOU didn't create the key, the OS did. Still, I don't see your point. Who cares where the key came from, YOU chose to protect your files. The OS or WMP didn't decided to do it, though you can argue WMP did, since, IIRC, it is on by default. ACL - If the average user can't handle an ACL, the average user don't care too much about a secure system. It's really that simple isn't it. If you care about securing your house, you don't get a standard lock, you get a deadbolt, you get a security system for your windows/doors and get a motion detector or two as well. If you don't care enough to find out how to secure your house, you don't care too much about security. Why should computers be any different? Windows NT wasn't originally a single user system. It did have ACLs and network awareness, albeit not Internet-awareness, as part of its original design specs. If ACLs are set, the OS doesn't allow an app "by default to completely ignore the arbitrary way a user will configure their system." "It's even hard enough for an admin to get it right. Trying to get the security settings for each file right, protecting system files, and keeping applications working with those settings is pretty insane, while other OSes ship with this done right out of the box and every application is designed to work with the restrictions instead of around them or simply not at all." (continued in next post) |
| #14 By 1845 (12.209.152.69) at 10/14/2003 5:00:49 AM |
|
(continued from previous post)
It's hard enough for an admin? If the admin can't handle it, he shouldn't be an admin. If it's too hard for me to encrypt data in code, I have no business writing applications that need to encrypt data. If I can't handle setting permissions on files, I have no business getting paid to secure a network. Other OSes have ACLs just like Windows does. You've heard of chmod, haven't you? Don't dellude yourself by thinking that all apps on other platforms have perfect installation procedures. They don't. NGSCB. " Sure people want secure systems, but to prevent others from accessing their computer, not to prevent themselves from accessing data they have on their computer such as NGSCB suggests." Since when does NGSCB suggest this? That's like saying SSL suggests that even the client and web server aren't allowed to see encrypted traffic. At best it's a misconception, at worst it's a bold faced lie. I just scanned the link to NGSCB in your post. I'd read a previous version a few months ago. Unfortunately, the author hasn't wised up about NGSCB. Yes, everything he says is technically possible, however, it is not possible with NGSCB. It is possible for shut off all the PCs in China, but that has nothing to do with NGSCB. To suggest otherwise, is to dream up what Microsoft has never stated. Who knows, maybe it'll turn out that I'm wrong. Microsoft has promised to publish NGSCB code, so the world can know that it isn't hiding something up its sleeve. After you read the code, you tell me if Ross Anderson was lying (I would say speculating, but he stated his opinion as fact, not as opinion) or not. To see what Microsoft has said about NGSCB, I'd suggest starting here http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/NGSCB.asp IRM. IRM isn't meant to protect system integrity. It protects data. It's like SSL. If your network is sniffed, SSL'ed traffic is difficult to decode. Yes, it's possible, but it is rather difficult. Yes, eventually, you'll be able to strip or decode any IRM'ed document, but it might take you an extremely long time. Still, if you have sensitive data, I'd rather the crackers have to take a really long time to decode my data than to hand it to them with no hassle. |
| #15 By 1845 (12.209.152.69) at 10/15/2003 2:17:22 AM |
|
Thanks for even more unsubstantiated comments. It isn't worth my time to argue further. This post was edited by BobSmith on Wednesday, October 15, 2003 at 02:17. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 330 Last | Next |
The time now is
7:04:19 AM
ET.
Any comment problems? E-mail us |
