welcome to the fest
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

ZOMG! M$'s new Vista may have critical security flaw!!1!

 
Post new topic   Reply to topic    Sinfest Forum Index -> General Discussion
View previous topic :: View next topic  
Author Message
Fhqwhgads



Joined: 11 Jul 2006
Posts: 1337
Location: sfcaus

PostPosted: Wed Aug 02, 2006 4:41 pm    Post subject: ZOMG! M$'s new Vista may have critical security flaw!!1! Reply with quote

Network World wrote:
Black Hat Conference puts spotlight on NAC, Vista and rootkits
By Ellen Messmer and Tim Greene, NetworkWorld.com, 07/31/06

The annual Black Hat Conference, which opens July 29 at Caesar’s Palace in Las Vegas, brings together security researchers and vendors in a freewheeling atmosphere aimed at laying bare the risks and vulnerabilities in IT products.
...

With Vista still in beta, Microsoft, a key sponsor of Black Hat this year, is inviting Black Hat attendees — 3,000 are expected — to identify any security shortcomings they can in the Vista code. In a novel and candid way, Microsoft product managers and engineers will present six sessions on Windows Vista and its security during the conference, challenging anyone there to rip Vista security apart.

Microsoft will find more than enough takers for that challenge.

Joanna Rutkowska, senior security researcher at Singapore-based security firm COSEINC, will demonstrate a new rootkit for Vista during her presentation “Subverting Vista kernel for fun and profit.” A rootkit is software that hides malicious code or computer processes, making it a danger to users.

Called Blue Pill, Rutkowska’s rootkit is based on Advanced Micro Devices’ Storage Virtualization Manager Pacifica’s virtualization technology. She says Blue Pill is undetectable and easily installed, and doesn’t require the perpetrator to exploit a weakness in the underlying operating system.

In addition to demonstrating Blue Pill, Rutkowska will show how it’s possible to circumvent Vista security by loading only digitally signed code into the kernel. “It’s very impressive,” says Marc Maiffret, founder and chief hacking officer at eEye Digital Security, who saw the Blue Pill rootkit and technique for bypassing Vista’s security in Singapore a week ago at the SyScan Conference, where Rutkowska first made them public.

Her bypass technique might not be a flaw Microsoft can fix easily with a software patch, says Maiffret. “It seems to be an architectural problem with Vista,” he says. Rutkowska agrees it’s a design issue and will propose a few ways Microsoft might consider changing Vista to eliminate the security-bypass problem. Vista’s code-signing protection was devised as a way to stop malware, such as kernel rootkits and back doors, from being loaded into the Vista kernel, says Rutkowska, but her Black Hat presentation will show Vista is as vulnerable to the same kernel malware threats as its predecessors.

Although the first version of Blue Pill she developed is for Vista, there’s no reason a Blue Pill couldn’t be made for other operating systems as well, she says. She adds neither she nor her firm will release the code, which could be used for malicious purposes.
Surprised A new version of Windows... with a security hole bigger than your Mom's?! Shocked and horrified, I am.
_________________
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Back to top
View user's profile Send private message
Marik



Joined: 10 Jul 2006
Posts: 1234

PostPosted: Wed Aug 02, 2006 4:47 pm    Post subject: see becuz they are rich huh Reply with quote

Woa wait.

"M$" ...?

I haven't seen people do that in such a long time.
Back to top
View user's profile Send private message
Dro



Joined: 10 Jul 2006
Posts: 3871

PostPosted: Wed Aug 02, 2006 4:51 pm    Post subject: Reply with quote

This reminds me of the mindset of America's democratic party: "let's pretend our new plan will solve everything when it already can be shown to have lots of problems!"
Back to top
View user's profile Send private message
Marik



Joined: 10 Jul 2006
Posts: 1234

PostPosted: Wed Aug 02, 2006 4:55 pm    Post subject: beep beep back up Reply with quote

I smell a theme persona!
Back to top
View user's profile Send private message
Fhqwhgads



Joined: 11 Jul 2006
Posts: 1337
Location: sfcaus

PostPosted: Wed Aug 02, 2006 5:21 pm    Post subject: Re: see becuz they are rich huh Reply with quote

Marik wrote:
Woa wait.

"M$" ...?

I haven't seen people do that in such a long time.

Pff. I'm old. Sue me Razz
_________________
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Back to top
View user's profile Send private message
CTrees



Joined: 21 Jul 2006
Posts: 3772

PostPosted: Wed Aug 02, 2006 6:31 pm    Post subject: Reply with quote

I was more interested in VT exploit taking advantage of processor architecture to hijack a system without detectability by any monitors. Don't have a link handy right now, though (was probably over at hardocp).

But yeah, Vista will have bugs, flaws, holes, and other problems that can be taken advantage of. This is a surprise to you?
Back to top
View user's profile Send private message
Dusty



Joined: 10 Jul 2006
Posts: 650

PostPosted: Thu Aug 03, 2006 1:37 am    Post subject: Reply with quote

yeah alot of people have been saying that the immense amount of code that has gone into the architecture of vista makes it that much more vulnerable. and apparently the new focus for microsoft after gates leaves is to simplify the internal workings of windows to prevent these kinds of holes and vulnerabilities.... which is quite a bit after vista is released and everyone moves to OSX because of some uber worm.
_________________
"You should read your bibles sirs, you'll find all kinds of weird shit in there."
-Jay, Clerks II
Back to top
View user's profile Send private message
PeteMoss
Guest





PostPosted: Thu Aug 03, 2006 2:40 am    Post subject: Reply with quote

I don't see what the big deal is.

The whole purpose was so they could find these errors and eliminate them before the retail version of Vista is available.

The release is set for "Early 2007" and they are still on Beta 2.
They haven't even done Release candidate 1 or 2 yet!
A whole this big will get fixed before the official release.

I am running Vista Beta 2 now and find it very nice.
Back to top
Dusty



Joined: 10 Jul 2006
Posts: 650

PostPosted: Thu Aug 03, 2006 6:20 am    Post subject: Reply with quote

wasnt visit supposed to launch like at the beginning of this year? originally i mean.
_________________
"You should read your bibles sirs, you'll find all kinds of weird shit in there."
-Jay, Clerks II
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Sinfest Forum Index -> General Discussion All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group