You know who else hates Windows 8? Hackers

Microsoft's emphasis on the mobile nature of Windows 8 and its bold touch-friendly user interface may lead some to fear the software giant has taken its foot off the pedal in terms of security. However there are plenty of changes under the bonnet to merit an examination of the new operating system's defences. Judging by the buzz …

COMMENTS

This topic is closed for new posts.

Anonymous Coward

Skeptical...

"It is disappointing that Microsoft’s efforts to repair the hole in the chain of trust of the PC boot process ... is being met with skepticism and outright hostility"

Disappointing? Scepticism should be exactly what is used for any feature which has the ability to reduce consumer choice and help control a monopolistic position.

All large manufacturers, including (especially?) Microsoft, should be subject to a great deal of investigation about their motives when such a fundamental change like this is introduced. It should be applauded, and not require blinkered acceptance.

38
11
Silver badge
Headmaster

Re:" It should be applauded, and not require blinkered acceptance."

To be honest with you I did not get the impression from this article that "blinkered acceptance" was the issue here. It seemed to me, at any rate, a fairly careful assessment of the situation so far. If I have misunderstood something I would of course be obliged (no sarcasm or satire intended, I mean what I say and I have said what I meant) if you would point out where I have gone wrong.

7
3
Anonymous Coward

Re: Skeptical...

Blinkered acceptance or blinkered rejection?

It very much seems to be the latter to me. MS have gone out of their way to make sure that keys are available to anyone who wants to sign their OS bootloader - something they didn't have to do, there were other key suppliers. MS have also specified in their documentation that safe boot must be able to be switched off and safeboot isn't even their technology. Yet a certain proportion of the FOSS community keep banging the "everything MS does is evil" drum, regardless of any evidence to the contrary.

16
20
Bronze badge

Re: Skeptical...

Most applications don't install group policies, and most admins won't set them up if they did.

You run Mozilla in a Mozilla group, and disallow writing to the Windows install folder to stop ActiveX etc. malware when browsing, along with Outlook.

2
3
Anonymous Coward

Re: It should be applauded, and not require blinkered acceptance."

The post was about the quote and not the article - the fact that there was disappointment of scepticism. Scepticism should not be disappointing in any walk of life - it is perfectly healthy.

12
1
Anonymous Coward

Re: Skeptical...

The compromises in terms of ability to switch off etc were only specified after the sceptics voiced their concerns and to avoid anti-trust investigations.

You can bet that an MS of 10 years ago would have specified that the PCs must be locked to MS only.

15
4

Re: Skeptical...

How does the saying go?

Those who don't know their history are doomed to repeat it.

Something like that. At any rate, anyone who knows anything about the history of Microsoft knows that they have gotten up to all sorts of underhand, nasty, sneaky, illegal, anticompetitive shenanigans. Repeatedly. Year after year. Screwing over everyone from their partners to the consumers.

Anyone who knows anything about Microsoft's history knows not to trust them at all.

Until it's proven that secure boot isn't the anticompetitive scheme that it clearly can be, everyone should be on their guard.

24
7
Bronze badge

Re: It should be applauded, and not require blinkered acceptance."

But if Firefox etc. at least installed a "virtual" group like the system group, and wrote the cache files with logged-in user and browser groups for security, and Windows folder files were inheriting permissions on all objects and subs, then if you add the browser group to the Windows folder, any file downloaded as a browser cache wouldn't be able to write to the Windows folder and load anything on boot.

2
0
Anonymous Coward

Re: Skeptical...

> RE: regardless of any evidence to the contrary.

http://en.windows7sins.org/

4
6
Anonymous Coward

Re: Windows7sins

Nice link if you want to read somebody just doing a pointless rant, especially this bit:

'The new version of Microsoft's Windows operating system, Windows 7, has the same problem that Vista, XP, and all previous versions have had -- it's proprietary software'

Tells you all you need to know doesn't it.

10
2
Linux

Re: Skeptical...

"but it does have a feature called Secure Boot that Microsoft has wielded with gusto" in hopes that Linux or any other competing operating system would go away

6
5
Bronze badge
Mushroom

Re: Skeptical...

Don't worry - I'm sure Linux will be quick to copy these new features - just like so many other security features that were in Windows first - like proper ACLs for instance.

4
20
Anonymous Coward

Re: Skeptical...

skepticism

1:

an attitude of doubt or a disposition to incredulity either in general or toward a particular object

2

a : the doctrine that true knowledge or knowledge in a particular area is uncertain

b : the method of suspended judgment, systematic doubt, or criticism characteristic of skeptics

3: doubt concerning basic religious principles (as immortality, providence, and revelation)

So if he's disappointed to be met with skepticism what would he have been happy to be met with? A Psychic Sally audience?

2
0

Re: Skeptical...

Errm, I remember proper ACLs back in 1980s' Primos and VMS, but I don't think they were in 'Windows'.

8
0
Silver badge
Thumb Up

Hey RICHTO

Is it your mission in life to make yourself look like a complete and utter twat in front of the maximum amount of people?

If so, then keep up the good work, you're doing great!

10
1

This post has been deleted by a moderator

Anonymous Coward

Re: It should be applauded, and not require blinkered acceptance."

"Scepticism should not be disappointing in any walk of life - it is perfectly healthy."

It's not healthy when it's only pointed in one direction and never applied to things you like.

5
3
Silver badge
FAIL

Re: Skeptical...

in Windows first - like proper ACLs for instance.

After they had been in VMS for over a decade already, and in the Unixes as well.

6
0
Bronze badge
WTF?

Re: It should be applauded, and not require blinkered acceptance."

Er, no. Security groups don't work like that on *any* mainstream OS, whether it be Windows, Mac OS or Linux. It might be nice if they could (although the resultant configuration would probably be too complex though, most developers seem to struggle enough writing applications that can't assume they have carte blanche access to the whole OS).

1
0
Bronze badge

Re: Skeptical...

After they had been in VMS for over a decade already, and in the Unixes as well

Most Unixes are still encumbered to some degree with the rather clunky 9-bit permission set, with all of its inherent limitations. Proper ACL support is a lot less common and where it does exist often has to be fudged a bit to work with applications that only know the "traditional" method.

3
2

Re: Skeptical...

Hello Anonymous Coward,

I do not really see the move towards Secure Boot as reducing consumer choice. After all, there is nothing which prevents other companies from setting up their own signing authorities, and, of course, other operating system vendors can certainly approach BIOS/UEFI firmware developers and motherboard manufacturers about including their keys. As a matter of fact, it is kind of disappointing that other operating system vendors have not stepped forward to do so.

If you are actually interested in increasing the range of supported operating systems, I would strongly suggest contacting the developer(s) of your favorite distribution(s) and asking them to add support for Secure Boot functionality.

Regards,

Aryeh Goretsky

4
1

Re: Skeptical...

Hello Anonymous Coward,

I do not have a copy in front of me, but I believe that the ability to toggle Secure Boot has been a part of Section 27.1 or 27.2 of the UEFI specification for quite some time.

Regards,

Aryeh Goretsky

2
0

Re: Skeptical...

Hello Eadon,

From what I recall, Microsoft's keys are actually issued by Symantec's VeriSign division. If they become too expensive for other operating system developers to purchase, I suspect other CA's will step up to take advantage of that particular situation.

Regards,

Aryeh Goretsky

5
0
Anonymous Coward

Re: Skeptical...

Hello Aryeh Goretsky

I just want to confirm this, but by the form of your three rapid responses to individuals keeping to the set format, and based on how many other sites I've seen posts with that same format. Would I be right in assuming you're hired by microsoft as a web based PR guy? Or girl. Sorry not sure which gender the name Aryeh belongs to.

Regards

Anonymous Coward.

3
5
Anonymous Coward

Re: Skeptical...

> Proper ACL support is a lot less common and where it does exist often has to be fudged ...

I was using "proper" ACL support back in the early 1990s and it used more than the 9 bit permission set (actually it is 12 bit because you have the SUID, SGID, and sticky bits). You could specify user access to a file without using the 9 bit permissions.

> ... a bit to work with applications that only know the "traditional" method.

The application doesn't control what files it has access to, that is a function of the OS. The application will simply try and access a file with no knowledge of how ACL is implemented. The OS will either allow or deny access.

3
1
Silver badge

Re: Skeptical...

"Would I be right in assuming you're hired by microsoft as a web based PR guy?"

Aryeh Goretsky is the author of the white paper which the article you've just read is about. You did read the article, right? Not just race to the comments section to make accusations of conspiracy?

4
0
Mushroom

Re: Skeptical...

Downvote of AC:10:50 because of claim to have been "using "proper" ACL support back in the early 1990s" but then obviously has never written anything that creates a file with anything other than default permissions or that changes file permissions in any way.

0
2
Anonymous Coward

Re: Skeptical...

"I do not have a copy in front of me, but I believe that the ability to toggle Secure Boot has been a part of Section 27.1 or 27.2 of the UEFI specification for quite some time."

You are prone to logical fallacies I see.

I'm not sure that the specification states anywhere that the ability to toggle SecureBoot is part of the specification (rather than the specification allowing the ability to turn it on or off if desired) but just because something is part of a specification doesn't mean it has to be implemented. You might not realise this but Microsoft has stated that ARM devices MUST NOT allow the option to disable secure boot (their choice of that part of the specification). Also you may not realise that Microsoft made no mention of optional secure boot in the BUILD conference in September 2011 where it was first announced. It was only after people started questioning it (i.e. a bit of scepticism of their motives) that they stated that it must be optional.

That's the good thing about having people question a corporation's motives: it helps to ensure that they don't take their monopoly (or even a non-monopoly) for granted. It doesn't matter if it is Apple, Microsoft, Google, Red Hat, Ubuntu, Oxfam, Save the Children, your local church priest etc. Always be prepared to have some scepticism of their motives if something doesn't seem right.

2
1
Anonymous Coward

RICHTO

Netware had a far better ACL system than NT - the system that NT copied...

0
0
Silver badge

Re: Skeptical...

@El Andy

Applications, except those explicitly written to deal with protections and ACLs (such as managing them, etc.), do not need to know, and should not need to know about what way file permissions are implemented. They ask the OS: "I would like to read this file" and the OS says "Okay, here's a handle", or "Can I write to this file, prettyplease?" and the OS responds "No, sod off". Calls to modify the permissions or ownership on the file are also done via the OS, who then checks ACLs as present and allows or denies the call.

0
0

Re: Skeptical...

Hello Anonymous Coward,

I was just replying to various comments on John Leyden's article. Since it was based (in part) on my white paper, I felt that was the chivalrous thing to do. I work at ESET, which competes with Microsoft in the anti-malware software field. That said, we, like other anti-malware developers, also cooperate with Microsoft.

I am neither a Microsoft employer nor am I a web-based PR guy. I have received awards from Microsoft in the past, though, but not for my security work. My title at ESET is Distinguished Researcher, which basically means that "I'm old, crotchety and failed to duck when they handed out titles." I have a longer bio on ESET's blog (where I should be writing more blog posts) as well as a few other white papers up on ESET's website.

Regards,

(Mr.) Aryeh Goretsky

1
0

Re: Skeptical...

Hello Anonymous Coward,

It's quite possible I'm prone to logical fallacies. I have, however, dealt with a few RFCs, specifications and the like from the IEEE, IETF, various trade associations and other organizations over the years so I'm used to seeing sections labeled MANDATORY, OPTIONAL, REQUIRED and so forth.

If a widget (software, hardware, etc.) does not implement all of the functionality that's required as part of a specification, it typically does not get to claim that functionality, use the appropriate logo(s) on its packaging and so forth.

I was aware of the UEFI requirements on ARM-based Windows RT devices while writing my white paper, however, because I did not have one to test with, nor, for that matter, were there any Windows-on-ARM tablets available that I'm aware of (aside from very old and underpowered Windows CE-based PDAs, which I do not think are modern enough to even be worth mentioning). The tablet space is very different from the PC space in that vendor lock-in is the norm rather than the exception, at least from looking at the dominant players like Apple and Android. Admittedly, a number of Android tablets can be rooted, but all the ones I have seen or used come with an operating system and software loaded, including some kind of appstore.

In the case of UEFI firmware and Secure Boot on ARM, I did not feel it was worth discussing since the experience there is largely one of a closed ecosystem already.

Regards,

Aryeh Goretsky

1
0
Anonymous Coward

Re: Skeptical...

"MS have also specified in their documentation that safe boot must be able to be switched off"

That goes against what I've read in the past, that the ability to be switched off was NOT a requirement of the specification. Now to get the specification you have to give them your name, company name, and email address, and then agree to this;

"I understand that I may download and read the UEFI 2.0, 2.1, 2.2, 2.3, 2.3.1 specifications, and Shell Specification 2.0 without the requirement of a license, and doing so creates no obligations or commitments on my part. I further understand and acknowledge that any distribution, additional reproduction, implementation or other use of the specification requires a license, which can be obtained by executing the UEFI Adopters' Agreement.

I understand that I may download and examine the UEFI 2.3 and 2.1 SCT materials without the requirement of a license, and doing so creates no obligations or commitments on my part. I further understand and acknowledge that any distribution, additional reproduction, running the test binaries or other use of the materials is not permitted except pursuant to my agreement to the terms and conditions of the license that can be obtained upon execution of the UEFI Adopters' Agreement."

I especially like (not) that the license, along with its terms and conditions, is obtained by executing the "Adopters Agreement" (the text to which appears to be not freely available). Agreements that you must accept in order to obtain access to a license that you then must also agree to; no warm fuzzy feeling there, looks like an NDA but you won't find out for certain until it's too late. I smell a trap.

0
0

Re: Skeptical...

"Until its proven that secure boot isn't the anticompetitive scheme that it clearly can be, everyone should be on their guard."

And if it CAN be abused then it eventually WILL be abused.

UEFI is a straitjacket dressed up as a security blanket.

0
0
Anonymous Coward

Re: Skeptical...

Hmmm... I think you will find that "proper ACLs" were not invented by Redmond.

0
0
Anonymous Coward

Re: Skeptical...

Please elucidate on what a proper ACL is, I'm keen to learn.

0
0
Silver badge

Re: Skeptical...

"That goes against what I've read in the past, that the ability to be switched off was NOT a requirement of the specification. Now to get the specification you have to give them your name, company name, and email address, and then agree to this;"

You're looking in the wrong place. Look at MS's requirements to PC makers to get the W8 certification:

MS Requirements.

These are open to all and free. Look around page 118. You'll see that MS demand that Secure Boot be able to be disabled by the user on all x86 devices. By implication, that means that the UEFI specification must say that Secure Boot can be disabled.

1
0
Anonymous Coward

AGAIN:

Signed UEFI boot and TPM are about CONTROL, not SECURITY. Which is bad news for those who thought they owned the hardware they paid for.

These things "protect" you from the freedom to tinker, in the faint hope that this will also discourage people who have strong financial incentives to bypass, break, moot, or otherwise subvert such measures. And the reason? A legacy of years and years of neglecting their own code on the part of the vendor. In that, it's as much security theatre as what happens on airports. Then again, executives tend to be frequent fliers. Coincidence?

27
13
Anonymous Coward

Re: AGAIN:

If it bothers you that much do you know what you can do? Just turn it off, it really is that simple

11
20
FAIL

Re: AGAIN:

If only it was that easy

6
3
FAIL

Re: AGAIN:

Try it sometime. Some BIOS do not allow you to and all RT hardware don't allow it.

10
3
Silver badge
Pirate

Re: AGAIN:

give it 6 to 12 months....It will be.....

2
2
Anonymous Coward

Re: AGAIN:

You can't get a "made for Windows 8" sticker, if you can't switch off safeboot. I'd guess that the hardware manufacturers want the sticker far more than they want to not allow safeboot to be switched off. Also the manufacturers of the uEFI code for the hardware manufacturers say that safeboot should be switchable.

6
1
Stop

Re: AGAIN:

In order to gain Windows Hardware Certification there is a requirement ("System.Fundamentals.Firmware.UEFISecureBootSystem" section 18) that makes it mandatory to be able to turn secure boot off. If it can't be turned off, it isn't certified (which is the whole point in the first place).

Quit spreading fud, if you don't like it, turn it off, install whatever you like.

11
6
Silver badge

Re: AGAIN:

x86 UEFIs are REQUIRED to provide the off switch or they're not Windows 8 compliant. As for RT, those are tablets, complete ecosystems, and not meant to be viewed separately. Even Android is a pain in the butt to tinker with. Sure, there's CyanogenMod, but a look under the hood reveals that many of the ones for various phones and such have incomplete support or spates of bugs.

7
1

Re: AGAIN:

Then don't buy an RT.

Problem solved.

6
2
Anonymous Coward

"Quit spreading FUD!" says the chorus of astroturfers.

Guys, all reactions saying "you can turn it off" are misguided.

But since you raised it, I'll address that counter too: The reality is that the competition now faces having to instruct the hapless user into doing extradoubleplus scary things in the bios before they can have a go at a non-redmondian OS. This is not a problem for the geek/nerd/it bod/whatever, but is for too many others. That written-off enterprisely locked-down desktops don't come with the appropriate key and are thus worth that much less as objects to tinker with. That it's just that much more hassle is not alleviated by being able to turn it off. So "just turn it off" is a "beware of the leopard" argument.

But really, what the spec says now is beside the point. That it might say something quite different come next version is also beside the point. Think about it.

I said it before, I'll say it again, for it doesn't get much simpler: This misfeature is about control. But they're selling this misfeature as something to help with security. So the salestalk is misleading. It doesn't help with security because, as usual, given enough incentive, people will bypass that control. It's already happening. So the bottom line is a loss of freedom for the average person and actually more power to the crook, because his services subverting the control are now worth that much more.

You are right that with an extra not in the spec it'd be that much worse. But we all know redmond, so this is merely a compromise for the time being. Knowing them we cannot afford to hope they'll never change the requirements. In fact, they do exactly that just about every release of their OS anyway.

Nonetheless, this situation is bad enough, and the point was exactly that the extra hassle doesn't buy us what we are promised it would buy. The ability to "turn it off" doesn't change that. That is all.

19
8
Silver badge

The only reason why we didn't get "secure boot" yet...

...was the FUD which was there before. This has caused Microsoft to back away from their original plans 10 years ago to completely lock the BIOS. Now they have the 2 fig leaves of making it possible to turn it off and to issue signatures for Bootloaders.

Now what will happen will be a few Microsoft sponsored security researchers praising "Secure Boot" and/or showing that disabling it creates such "huge" security problems. Then after a year or so Windows 9 will require it to be on at all times. Ohh and of course there will be no foreign signatures since those will be seen as evil.

8
6
Silver badge

Re: "Quit spreading FUD!" says the chorus of astroturfers.

"The reality is that the competition now faces having to instruct the hapless user into doing extradoubleplus scary things in the bios before they can have a go at a non-redmondian OS. "

If Linux has now reached the point that disabling a "BIOS" option (clue: UEFI is not BIOS) is seen as "extradoubleplus scary", then its dumbing down is complete. It's pretty much the same as swapping the boot device is and we all managed that for many years. Good grief.

9
5
Anonymous Coward

Re: "Quit spreading FUD!" says the chorus of astroturfers.

"This is not a problem for the geek/nerd/it bod/whatever, but is for too many others."

Those too many others are the ones who generally aren't interested in non-Redmondian OSs. (Not capitalising proper names is childish, by the way.) Doesn't matter to them how difficult it is to turn off because they're not going to need to. You can probably tell by the way your mates stop talking to you about computers rather than say, "Wow! You're right! I must switch to Linux! Thank you for enlightening me, oh Tech God!"

"... given enough incentive, people will bypass that control."

Locks can be bypassed. Don't ever use them. Who's being disingenuous now?

"So the bottom line is a loss of freedom for the average person and actually more power to the crook, because his services subverting the control are now worth that much more."

And you think this sort of statement isn't FUD?

"Nonetheless, this situation is bad enough, and the point was exactly that the extra hassle doesn't buy us what we are promised it would buy. The ability to "turn it off" doesn't change that. That is all."

You haven't proved the point. Please keep your word with regard to the last sentence.

6
9
