OT - Windows Registry Size

  • Evan
    replied
    It's open source.
    That isn't sufficient protection in such a complex operating system.

    A few years ago a problem was noticed in a module in the build tree for one of the popular versions of Linux. A checksum was off. The code was examined numerous times and nothing unusual was found.

    Finally, by pure luck somebody stumbled on the problem. A single line of code had "==" instead of "=" in a statement. Changing the comparison to assignment didn't change the functioning of the code at all. It did however set a flag that allowed the process to be invoked at any privilege level at all and provided a back door to root privileges.

    No one is sure if this was simply a coding mistake or an attempt to insert a back door in the code base. If it was a hack it was a brilliant one and almost made it into the distro. Checksums are never 100 percent reliable since that is mathematically impossible.

    Something similar could easily be included in the NSA distro and even an army of hackers wouldn't be likely to find it. The NSA has some smart people working for them.
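The bug class described in the post above, a one-character swap between comparison and assignment inside a condition, shown as an added example that is not part of the thread and is not the code from that incident. `struct cred`, the option bits and both function names are hypothetical.

```c
#include <stdio.h>

/* Hypothetical credentials record; uid 0 stands for root. */
struct cred { unsigned uid; };

#define OPT_A 0x1u /* hypothetical option bits */
#define OPT_B 0x2u

/* Flawed: "=" where "==" belongs. When the options match, the second operand
 * stores 0 in c->uid. The stored value (0) is false, so the branch is never
 * taken and the return value looks harmless; the side effect is that the
 * caller now has uid 0. The parentheses around the assignment also keep
 * GCC's -Wparentheses warning quiet. */
int check_options_flawed(struct cred *c, unsigned options)
{
    if ((options == (OPT_A | OPT_B)) && (c->uid = 0))
        return -1;
    return 0;
}

/* Intended: compare only. Taking the credentials through a const pointer
 * turns any accidental or deliberate write into a compile error. */
int check_options_fixed(const struct cred *c, unsigned options)
{
    if ((options == (OPT_A | OPT_B)) && (c->uid == 0))
        return -1;
    return 0;
}

int main(void)
{
    struct cred user = { 1000 }; /* constructed sample: unprivileged caller */

    check_options_flawed(&user, OPT_A | OPT_B);
    printf("flawed check: uid is now %u\n", user.uid);

    user.uid = 1000;
    check_options_fixed(&user, OPT_A | OPT_B);
    printf("fixed check:  uid is still %u\n", user.uid);
    return 0;
}
```

Both functions return 0 for an unprivileged caller, so a test that looks only at return values cannot tell them apart; the difference is in the state left behind.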


  • Leigh
    replied
    Originally posted by Evan
    Uh huh. I trust the NSA to not put in a back door. Millions wouldn't but I do. Uh huh.
    It's open source.


  • J Tiers
    replied
    If Microsoft can't handle it, maybe they should do something else instead...... They are supposed to be good at this stuff...... and it does work a lot of the time.

    But little stuff is so annoying, like toolbars that appear sometimes, and other times refuse to come back, a taskbar that is set to auto hide, but only auto hides when I want to see it........

    And then the unannounced lockups...... pull the plug time..... And XP seems to be less tolerant of abnormal shutdowns. It has had to be wiped and re-installed on a bare disk once already.....


    As for Vista, isn't that the version that will call home and decide if you have privileges to see your own data and documents? With encoded and encrypted everything, and no way to recover data if it forgets you are allowed, or the disk craps?

    Thank you, Adm. Poindexter..... I know you got in there somehow...... bless you with a brick...


  • Evan
    replied
    The problem is one of complexity. XP has around 25 million lines of code. I don't recall how many lines are in 98 but based on the size of the install it must be around 5 to 10 times less.

    I am interested to see how Vista will turn out. I have a copy of the beta but need to upgrade one of my machines with a better video card and some more ram before I can try it. To run the full graphical interface requires a separate video card with 256mb ram and at least 1 gig of system ram.

    There is an old saying in the computer business. "Intel giveth and Microsoft taketh away".


  • J Tiers
    replied
    All I know about it is I run 98 at home, and rarely have any problem. Like once in a couple years.

    Just got XP at work, due to using "Agile"...........

    XP has tripped and fallen repeatedly....... on its face, splat........

    Here I thought it was better than 98....


  • Evan
    replied
    There's only one secure OS... Secure Linux
    Uh huh. I trust the NSA to not put in a back door. Millions wouldn't but I do. Uh huh.


  • SGW
    replied
    Digital Equipment Corp. had security figured out back in the late '60s with their timesharing systems.


  • Leigh
    replied
    There's only one secure OS... Secure Linux

    http://www.nsa.gov/selinux/index.cfm


  • Rich Carlstedt
    replied
    " Proper operating system design requires that applications be restricted to a "sandbox" with no write access to system files."
    -----------------------------------------------

    I am no expert, or even near one, but Evan makes the point exactly.
    As a mechanical Engineer, I am appalled at computer guys.
    If you have a machine with cams that cannot/should not be revised, you put a locked box around it. If you don't want the motors and controls screwed with, you put a lock on the electric box. This is done every day in the real world
    If you build an electronic organ and tune it with whatever, you lock the box.
    You do not put a tone adjusting pot above each key !
    (that is unless the oscillators you use are so unstable that you need to tune when ever you use the organ)
    But then the organ is only good for trained organ tuners ...right?

    That is why we have problems and he addressed it !
    Go Evan !

    Rich


  • BadDog
    replied
    I can't imagine why you think 98 is easy to secure but XP is hard, but oh well. I would rather be beaten than ever run 98 again. I'll also concede the point on XP Home user manager and trust to your accuracy since I have no handy image and no inclination to apply the effort to either confirm or deny. I don't do any sort of IT work so it's not in my main sphere of knowledge.

    Well, sounds like we are both professionals with strong backgrounds in the area but differing conclusions. Much like 2 experienced auto professionals, one is a die hard GM fan, the other considers only Ford worth owning. Seems we agree on the important points, we just disagree on some of the OS specific applications of those points, so should probably just agree to disagree and let it go... One of my old colleagues used to say that “this is a point upon which reasonable people may disagree”. It IS good to see that you have knowledge on which to base your opinions rather than just parroting the anti-MS line like so many I run across.

    It’s been a pleasure discussing this, but I use hands on machine work and fabrication to get a break from the virtual world of my professional career. Take care.
    Last edited by BadDog; 07-14-2006, 05:12 PM.


  • Evan
    replied
    There is no user manager or config.msc in XP Home. It is possible to control the registry remotely and the system can be somewhat more secured that way but that isn't possible at the normal home user level. This isn't just a matter of default configuration, the entire permissions and control substructure in XP Home has been kneecapped.

    The problems in Windows are most certainly programming problems. The continuous parade of security vulnerabilities are based in sloppy programming. These mistakes run throughout the OS, everywhere from the TCP/IP stack to the graphics display subsystem. There was even one found last year nicknamed the "JPEG of Death" that allowed a complete compromise of nearly all Windows versions by the user merely viewing a jpeg image, regardless of the source of the image and regardless of the Microsoft application used to view the image.

    I don't advocate running as root on 'nix. Not all versions are as secure as OpenBSD. OpenBSD is an exception and has been developed from the start as a secure OS. Not a single vulnerability was found in the first six years. I'm talking about vulnerabilities to outside attack over a network connection, not from the console. A person at the console automatically owns the machine and nothing can be done to stop that.

    As for securing Win 98, it isn't hard to do. The only ports that are open lead to the secure applications I run. Furthermore, those applications have been configured for maximum security. For instance, there is no admin account on the FTP server and no public anon account. Passwords are minimum 10 characters. Same goes for the web server and I do not run PHP or Perl and no web admin. Nothing runs at default settings. All admin is done from the console or via FTP which is limited to file transfer. Access to the FTP server is IP masked.

    People certainly have tried to break in but none have succeeded. I have considerable experience breaking systems and a lot of tools that will shortly be illegal in this country when they sign an international treaty this fall. I keep them under triple DES for security reasons.


  • BadDog
    replied
    I am running XP Pro, and the window I'm using at this moment is running as a custom user account with very specific limited privileges that pretty much guarantee that I could click a link direct to a virus or trojan and it wouldn't be able to do a thing. There is another window running right now (at the same time) in the same "Windows Station" (which is the thing that has the Explorer desktop for its UI) running with full admin privs.

    I can’t speak for XP Home as I’ve had little cause to fool with it other than limited application defect reproduction and debugging (usually via network connection), but I’m pretty sure that while there may or may not be a user manager UI on the start menus, the config msc is still there for use should I choose to seek it out. Again, assuming I’m right (I lack motivation to load an image to see) the key to securing it would be a level of knowledge and skill comparable to the “average” Linux user.

    But I whole heartedly agree that the default install, which is all most people will ever even think to use, is completely brain dead. That’s what I said earlier about the focus on making it as easy as possible, even at the expense of security. That’s not a flawed design or stupid programmers at MS, it’s the technological impact of a marketing decision. A rather successful one in spite of the consequences I might add. Whether it was the “right” decision is a debatable one and we won’t settle that here, but it’s not an inherent flaw or limitation in the system, but rather an artifact of default/typical config, which itself is a result of marketing pressures/requirements.

    Funny that you feel a Win9x system can be secured, but not an NT Kernel system. On 9x, where there is no security sub system at all and no resources are protected in any way, ANY compromised process/thread can do anything in the system. And whether there are “known vulnerabilities” or not, I can pretty much feel confident in saying that if I were sufficiently motivated I (or anyone with knowledge and motivation, I’m by no means special) could “own” your W98 system without much difficulty even without social engineering (which I would assume you are too savvy to fall for easily, making a tech attack simpler in that case).

    Finally, unbiased studies (plural, not just one) by security interested third parties (one of which was biased to find against MS and who I have worked for, though not on those studies) have shown that on the average, MS applications are no more generally susceptible to tech attacks than industry mean, and in some notable cases were actually MORE “secure” (various definitions) than other applications that were much more highly regarded in groups with strong anti-MS sentiments like the quintessential slashdot. The noted difference was that, because of the prevalence of the MS application’s (and OS) installed base, the motivation for identifying and sharing exploits of MS among the generally anti-MS hacker community is much, MUCH higher than for any other segment. And since the majority of the hacker community IS anti-MS and generally holding MS application security in low regard (rightly or wrongly, as we are discussing), they far more often target MS applications for their spelunking expeditions and internal rivalries. So, larger installed base and a perception of lack of security provides the impression of MUCH higher return on their investment to discover vulnerabilities. The only significant balancing force is the typically higher regard of their peers for finding exploits against those applications that are considered “more secure” in the community.

    You're the first Nix proponent I’ve ever spoken to who feels consistently running as root would be ok. But then I’ve not been involved more than cursorily in that community for many years. But in any case, the statement that “is the priority of the OpenBSD community” has absolutely nothing to do with the wisdom of running as root all the time. There is no way, none at all, that any complex system can be *known* to be 100% secure. “Security” is ALWAYS a matter of degrees in an attempt to push “cost of success” to a level high enough to over balance the “perceived value” of conquering. Understanding this and determining this balance point is a big part of a process known as “risk assessment”. Claiming otherwise is to be wearing an enormous set of blinders and is best left for politicians and marketing directors. Assuming we can agree on that point (and if we can’t there is no point in this discussion), then running as “root” is just dangling that ripe fruit of full privs and eliminates the most difficult aspect of “hacking” a system, which is the effort to find a way to elevate your privileges to “root” once you’ve gained the ability to execute your arbitrary code. Generally, finding a way to execute your code on an arbitrary remote system (regardless of OS or software producer!) is not that hard to accomplish (modulo firewall restrictions and such). It’s finding a way to elevate your privs sufficiently to accomplish your goals that is FAR more difficult, and running as “root” eliminates that larger hurdle. Which brings us back to my initial assertion AND the reason anyone serious about security would/should never consider running as root/admin unless the process in question MUST have those privs.

    It’s obviously far more complicated than either of us likely understand, or would care to take the time to express on a public forum even if we were convinced we had a full understanding, but making sweeping statements about the inherent inferiority of Windows security as was done on this thread is far too broad and absolutely incorrect.

    On a positive note, the next MS OS uses a reduced priv “limited admin” account for the default operation of the computer, only elevating to “full admin” privs for applications where it is required. This seems to be a significant step in the “right direction” but it remains to be seen how the general consumer community will react to this as it does require a bit more interaction and awareness of security. Discussing it further would risk violation of NDAs so I’ll stop there...
    Last edited by BadDog; 07-14-2006, 01:53 PM.


  • Evan
    replied
    Bad dog,

    The most commonly used operating system for the home user at this time is XP Home. It doesn't have an option to run as anything other than admin. Yes, it has a "guest" account but that account is so restricted it is unusable and the permissions cannot be changed.

    So, with XP Home you must run as admin, you have no choice. This automatically exposes all possible vulnerabilities. This is Microsoft's choice. It was an extraordinarily bad choice. It is consistent with their incredible lack of concern with security and reflects their long term inability to secure the system.

    The experience with OpenBSD does not depend on running at reduced privilege level. It is secure and security is the priority of the OpenBSD community. You can safely run as root on an OpenBSD system.

    Having said that it is possible to secure a Windows system, at least an old one. I run my servers on Win 98. I have completely customized the system and don't even have file sharing enabled. I run them in the DMZ with only a software firewall. In four years they have never been compromised. The applications I run have no known vulnerabilities. Of course, none of the applications are from Microsoft.


  • BadDog
    replied
    Oh, and don't take that to mean I'm drinking the MS Kool-Aid. I know they have flaws and have been far too slow to respond to issues like this (such as data page execution locking), you have no argument out of me there. My problem is with the endless legions of slashdot parrots overstating and skewing/exaggerating the problem and its causes simply from hearsay. You and anyone else are very welcome to your opinions, but I have quite another opinion based on my 20 odd years in all facets of the industry.


  • BadDog
    replied
    And do you realize that the vast majority of those exploits (which exist in all complex systems, even xNix, though generally found and fixed quicker and less severe since EVERYONE in that camp knows you don't run as root day in and out) are not viable without access to an admin token? If the security hole exists in an application using limited credentials, then the damage is also limited. WinNT Kernel security is quite robust in spite of the common opinion so many are so quick to trumpet. But when you do have a buffer overflow on the stack such that you can replace (typically) the return address and cause your code to execute, and that thread happens to be running with admin credentials, then you are OWNED. I've worked on these systems for years on both sides of the fence from DOS to mainframes and including xNix systems as well, wearing both black and white hats, and I can tell you flat out that 99% of the common vulnerabilities associated with modern Windows systems RELY on having access to an elevated token, and that is a direct result of users conditioned to think running as admin is acceptable.

    As I said, I was challenged to put my “money where my mouth is” by a colleague over half a year ago. Due to lame programs from both MS and (mostly) third parties, running as non-admin, and particularly doing dev work as non-admin was quite painful in the beginning, but once I got a few things ironed out and some procedures in place, it’s not that bad. In that time, and I am on this machine CONSTANTLY with no protective software whatsoever, I have had not one single issue with virus, Trojan, or spy/mal-ware associated problems. And that includes intentional exposures at the direction of some of my Linux head buddies who were predisposed to want to see this experiment fail. They are strangely silent on the matter now and I am actually quite surprised at how much better the system runs (stability and perf wise) without the anti-everything garbage and bloat-ware on the system. Frankly, I’ve come to realize that the low level hooks used by anti-whatever were what caused the marginal instabilities I had before my last repave and experiment. Since then, my system has BSOD twice in over 6 months of running, and both were due to an ATI video driver that was fixed with an update from ATI...
