Microsoft promises Windows 10 will mean two-factor auth for all

Windows doesn't have the best reputation for security, but Microsoft has been outlining a series of improvements in the new operating system that it believes will stymie hackers and leave corporate data more secure. "We're no longer facing an evolution in security threats but a revolution," Chris Hallum, senior product manager …

  1. Semtex451
    Windows

    Might take care of some licencing issues too, I dare say.

  2. TheOtherHobbes

    Is Win 10 still sending everything back to Redmond?

    1. Anonymous Coward

      not everything

      God forbid! Just your fingerprints, mugshot, location data (scrambled), and a few other essential "features".

    2. Slacker@work
      Coat

      of course not...

      If they did that they would be wide open to attack by Apple's IP lawyers for copying Yosemite...

  3. Anonymous Coward

    support for other biometrics

    I can see what the first Windows 10 Thursday patch-batch is going to include (in response to the as-yet unconfirmed leak of facial recognition data of our 2 000 000 MSN account holders, we are introducing the following fixes...)

  4. ilmari

    Around half the people I know of that have bought Win8 machines can't figure out the current authentication system, and those that do manage to get past the first boot questions are shocked and surprised after the first patch-tuesday enforced boot. "Why do I need a password, this is *my* computer!". Of course they don't remember whatever random keyboard mashing they did a week/month ago to clear "strange questions about my facebook".

    1. Anonymous Coward

      Go round, set them up a child account with no password and then they can't install anything without a password.

      Jobs a good un, no more crap software to worry about.

      1. Anonymous Coward

        "Go round, set them up a child account with no password and then they can't install anything without a password."

        Doesn't stop modern browser based crapware, IME.

  5. Mage Silver badge

    Security

    The biggest issue is users' lack of security sense,

    They'll still install fake codecs, click on silly links in emails, enable all remote content in email by default, add stupid toolbars, download and install malware riddled pirateware and have too much faith in AV.

    1. Semtex451

      Re: Security

      But perhaps folk will be more careful when Redmond knows who's done what....

      Oh.

    2. jason 7

      Re: Security

      Yep you would be surprised how many people when wanting to install say Skype and presented with the following links from 'whatever rogue search engine' they installed -

      1. Skype.com

      2. Skype.bargaindrugdeal.manhoodenhance.youllbesorry.virusahoy

      Will still click on the second one.

      "But how do I know?" is what they ask me afterwards.

      1. RyokuMas
        Trollface

        Re: Security

        ... because everyone knows that the first link is always an advert... right?

      2. Sean OConnor

        Re: Security

        My 9 year old daughter installed a load of malware when she was left alone on my laptop and tried to install Scratch.

        Now that normal human beings use computers and not just us geeks anymore like in the good old days, this really ought not to be possible.

        1. cambsukguy

          Re: Security

          Leaving a child (or anyone for that matter) with access to your account which has authority to install software is problematic at best.

          I am unsure about other OSs but Windows has had low authority accounts (Basic, child, user, power user etc. depending on the version) for some time now.

          I don't leave my machine unlocked and the offspring (and SO) have separate accounts. This includes the tablet (which is a Surface and thus has no problem doing this).

    3. Anonymous Coward

      Re: Security

      And corporate IT departments will disable most of the new security in order to continue running 1990s legacy apps for at least 20 more years.

      1. Arctic fox
        Windows

        @ tnovelli "............corporate IT departments will disable most of the new security........"

        Indeed and at the same time employees in those same IT-departments who are members here at El-Reg will be logging on (behind AC badges naturally) telling us what insecure crap Windows is. Plus ça change, plus c'est la même chose.

  6. jason 7

    I worry when I see...

    ...the word 'encryption' when it comes to user files especially if teamed with 'by default'. It just adds another level of danger when it comes to failed HDDs and data recovery of folks' data that doesn't require such levels of protection.

    "So you did a back up?"

    Of course not. Their tears will sustain me I guess. This also applies to basically re-installing the OS and data too. Just making the support folks' job all the harder and economically not viable.

    On a side note when will MS enable DEP/SEHOP etc. etc. by default? You know, basically slip EMET into the OS as standard. I would have thought that would be a step in the right direction that should have happened at least 5+ years ago.

    1. Tim Jenkins

      Re: I worry when I see...

      On the plus side, baked-in encryption would annoy the cr*p out of governments, police forces and security agencies worldwide

      (oh, wait, it won't, because it will be backdoored sooner than you can say RIPA ; )

  7. Dan Paul

    Hopefully the peripherals make it in time for the release?

    I have not yet seen any peripheral RFID device that will take the NFC communications from an Android device and port it into Windows.

    Let's not have a replay of Windows 8 being installed on non-touch screen laptops apply for Windows 10. The software and hardware BOTH need to be available and compatible.

    I'm not buying a new motherboard anytime soon.

    Fingerprints, NFC and Facial recognition all require new hardware to be used.

    I don't want to give that kind of info to my computer let alone Microsoft.

    1. User McUser

      Re: Hopefully the peripherals make it in time for the release?

      Just stick a $15 USB to Bluetooth adapter in there and you're done.

  8. wolfetone Silver badge

    Reminds me of the saying "When God closes a door he always opens a window".

    Not that I want to compare Microshite to God, but the idea is the same in terms of security.

    1. Khaptain Silver badge

      It's Ok you can compare them as they both share a common element.

      Once upon a time, long, long ago, people actually believed in them.

      1. Mage Silver badge

        What?

        Some people still believe in God. Did anyone ever believe in MS

        a) After ME

        b) After Vista

        c) After Win8

        e) IE6?

        f) DCOM

        g) Active X in Browser

        i) Ribbon

        1. Spoonsinger
          Coat

          Re: What?

          Yep!, ignorant peeps believe in a panacea. Not saying I cared for most of those examples you gave, but the platform has kept a roof over my head for the period you stated, and hasn't when applied appropriately over your somewhat short period,(in the scheme of things), provided anything unresolvable, in the sphere of the technology it encompasses then and now.

          Yes I hate their internal politics, horrible business practices, and the fact when something is deprecated they manage to remove it from their support sites almost immediately - ignoring the fact that the internet has a memory. Yet they still provide a viable option for peeps who have a life, (both in a development role or support). IGMC -because.

          ps

          Revolution is for the youngsters - but they will get old eventually and know.

          1. Khaptain Silver badge

            Re: What?

            @Spoonsinger

            Were you talking about Windows or Religion? Your reply could actually correspond to both depending on whether you are a priest or a programmer.

            [Chuckles to self whilst reflecting on whether or not the answer truly is 42....]

            1. Anonymous Dutch Coward
              Pint

              Re: What?

              @Khaptain: great insight... and I see visions of a certain Rome-headquartered[1] organisation complete with political infighting etc.

              ROFLMAO right now...

              [1] But of course only physically in the city of Rome - tax wise and legally there's a quite different situation...

        2. Anonymous Coward

          Re: What?

          "Did anyone ever believe in MS

          a) After ME ...."

          You forgot RG Edition

  9. Wensleydale Cheese
    Unhappy

    Back to vendor lock in

    "Microsoft wants to safeguard the data they are using, and so is adding containerisation technology for each file, ensuring it is sandboxed and encrypted."

    Add cloud and your data isn't altogether yours any more.

    Back in the days when our data was locked up on a mainframe at least we could get our management to do a bit of screaming on our behalf.

    1. Zog_but_not_the_first
      Trollface

      Re: Back to vendor lock in

      Is this the system they beta-tested as CryptoLocker?

  10. Anonymous Coward

    > There are no plans for a BlackBerry version as yet but Hallum said Microsoft would be keeping an eye on BlackBerry's popularity (politely declining to add the obligatory "or lack of it").

    Talk about damning with faint praise.

    If they used popularity as a measuring stick for what to support, perhaps Windows Phone wouldn't be that high on the list, although I do know that Windows Phone users tend to quite like it.

    Anyone know what the relative numbers are these days?

  11. Anonymous Coward
    Black Helicopters

    More security, or more Big Brother?

    It may sound wonderful: extra security enhancement to make sure you're safe. But are they really?

    Where people say "two-factor authentication for more security" I say "more options for the manufacturer to snoop on the end user". Especially because mobile phones will be the preferred method. Why does Microsoft need my phone number if all I want to do is use Windows?

    Second; as I feared they're pushing their software store forward. Sure; I fully agree that it may make things easier for the end user; all they need to do is pick their software from a list, click install, and off you go. But it also locks the market down. And that is not such a good thing IMO.

    As I mentioned before: Microsoft launches their new Office version and LibreOffice has just released their latest release. Do you really think LibreOffice would make it into a Microsoft store if there would be a risk that it could take away the spotlight from MS Office?

    But most of all I can't help wonder why do we need more "security" like this?

    Let's look at that latest PowerPoint attack. What is mentioned, but not as clearly as I'd like, is that end users had to go through several warnings and notices before their systems got infected.

    You can apply a 4-way authentication scheme here; let's call the users on their phone to verify that they're really them before allowing them to use Windows. But that won't change the users' mentality!

    If said user opens a malicious document and clicks on several warnings that they're sure that they want to open it, then what?

    The reason I mention this? The more you lock things down, the more the users will rely on the system and the more ignorant some will become. In the end these kind of options may very well lead to even less secure environments than you'd hope for. Because people start to rely on their system to keep things safe.

    But, as we all know, a safe computer environment doesn't foremost depend on the system. It's the user who has the final say in all that.

    1. jason 7

      Re: More security, or more Big Brother?

      Does anyone know of a 'mere mortal' IT user in the real world that has ever clicked 'No' to a UAC pop up rather than just click 'Yes' automatically?

      1. Jonathan 27

        Re: More security, or more Big Brother?

        No, because I would never, ever give a "mere mortal" user admin rights. That's a recipe for trojans and malware.

  12. Daniel B.

    Meh.

    2-Factor auth... Good!

    ... Tied to a smartphone ... Not!

    ... Using an actual token (in the smartphone) ... OK, as long as it works like the Battle.net one

    ... Not supported in BlackBerry ... BAD. Come on, every other virtual token solution supports it, if they can be arsed into supporting it, so can you! Or maybe MS is still butthurt that BB still has more market share than their failing mobile OS?

    Not to mention that a large part of the US Gov, including the DoD only allow BBs on their network...

    1. tom dial Silver badge

      Re: Meh.

      I'm not at all clear about why anyone would expect multifactor user authentication to be very helpful. Has anyone a census of the number of Windows machines hacked by way of password guessing? My hunch is that better than 99% of compromises result from software and wetware errors. The main advantage for users might be that it can simplify login procedures.

      Those who administer a large number of systems will want to disable user admin rights as much as politically possible in their organization, so they also may not receive much benefit from multifactor authentication, perhaps using it only for those with administrative rights. I know of one federal agency where everyone has a smart card for access and those with admin privileges, which included many of the application developers, had a second one associated with authority to install and configure software. Management thought that preferable to the cost, which I think was around $50 a call, for the outside provider to do it.

      Signed-by-trusted-providers software sounds useful, but might be ignored in part or full unless Microsoft provides a capability for users to add to the list of trusted signers. Wouldn't hurt to make people think a bit about it, so there's no need to make it a simple check box.

  13. Pen-y-gors

    2-factor?

    2-factor is a very good thing, e.g. when used to authenticate gmail etc. If I'm trying to log in via a previously unknown IP address then it will ask for the 2nd factor. Fine, but a bit of a pain if I don't have my phone with me.

    How will this work with Windows? Steal the laptop and plug it in to a strange network and it will quite often end up with 192.168.0.1 (or whatever), or use it normally with WiFi hotspot (or even plug in to corporate LAN) and it gets a different IP every time. I wouldn't want to have to use 2nd factor every time I log in.

    So when will it prompt for second token?

    1. This post has been deleted by its author

    2. Daniel B.
      Boffin

      Re: 2-factor?

      If they are doing it properly, it should be asking for token auth every time you log on, or at least on first logon after power-on and after waking up from sleep. Which would make it impractical for most regular users that aren't used to this.

      2FA makes a lot of sense for sensitive stuff, or online services where money is moving, such like e-banking. It doesn't make sense for laptop access, unless you're carrying sensitive data in which case you would already have some extra measures in place anyway.

      What's the purpose for 2FA on Windows? I fail to see the usefulness for local logins with 2FA. And I'm saying this as someone who is perfectly OK with 2FA on banking sites (I carry at least 4 physical tokens with me).

  14. Anonymous Coward

    What about apps I develop

    Will I be able to install stuff I write on MY machine or I need to beg the MS god (and maybe throw in a human sacrifice or two) for permission?

    1. dogged

      Re: What about apps I develop

      Obviously, or testing would be impossible.

      Duh.

      1. Lyndon Hills 1

        Re: What about apps I develop

        For Windows 8.1 this is no problem. If you want to deploy to a Windows 8.1 Phone, then you have to register the phone as a developer device with MS first. I think you need a dev account to do that, but I might be mis-remembering. You can only install 10 apps at a time in this way.

        I guess the story on Windows 10 might be similar to this.

      2. Anonymous Coward

        Re: What about apps I develop

        Nothing is Obvious - especially when dealing with MS (they know what is best, just ask them)

        I can imagine multiple scenarios where I would have to belong to some special program to get the magic keys to install a program I developed.

  15. Anonymous Coward
    Stop

    There's got to be a benefit for Microsoft here

    It all sounds too good.

    1) Surely licensing is going to play a part in this

    2) "In order to use the preferred two step authentication method, you will need to set up a Microsoft Account and install 'insert app name' here to proceed"

    Any more?

  16. Steve Davies 3 Silver badge

    Plus

    Every login will ask the mothership for permission to launch before allowing the user access to their own system.

    Well, that has to be there if licensing by subscription is to take off.

    Not connected to the interweb? Then 'Computer says bog off'.

    That's how I see it all panning out.

    If by some freak this comes to fruition then I foresee another Windows 8 disaster in the making in terms of user acceptance.

  17. IJC
    Facepalm

    Two phase authentication

    Why do so many display such ignorance in public?

    Microsoft and Google already have authenticator apps that run on smartphones. These apps follow a standard protocol and are compatible i.e. you can use the Microsoft Authenticator app to generate a key that will work when a key from the Google Authenticator app is expected.
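
Added example, not part of the comment above or of the original thread: the two apps interoperate because both implement TOTP (RFC 6238), so any client holding the same shared secret and a roughly correct clock derives the same code. The sketch parses a constructed `otpauth://` provisioning URI (its secret is the RFC 6238 test key), generates codes, and verifies them server-side with a one-step drift window; the function names are illustrative.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import urlparse, parse_qs

# Hash functions RFC 6238 allows; anything else in a URI is rejected.
ALGOS = {"sha1": hashlib.sha1, "sha256": hashlib.sha256, "sha512": hashlib.sha512}

# Constructed sample: base32 of the RFC 6238 test key b"12345678901234567890".
SAMPLE_URI = ("otpauth://totp/Example:alice?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
              "&issuer=Example&algorithm=SHA1&digits=6&period=30")


def hotp(key, counter, digits=6, algo="sha1"):
    """RFC 4226: HMAC over an 8-byte big-endian counter, dynamically truncated."""
    mac = hmac.new(key, struct.pack(">Q", counter), ALGOS[algo]).digest()
    offset = mac[-1] & 0x0F                      # low nibble of last byte picks the window
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key, unix_time, period=30, digits=6, algo="sha1"):
    """RFC 6238: HOTP where the counter is the number of elapsed time steps."""
    return hotp(key, int(unix_time) // period, digits, algo)


def parse_otpauth(uri):
    """Extract TOTP parameters from an otpauth:// URI (what the enrolment QR code encodes)."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not a TOTP provisioning URI")
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    algo = query.get("algorithm", "SHA1").lower()
    if algo not in ALGOS:
        raise ValueError("unsupported algorithm")
    secret = query["secret"].upper()
    secret += "=" * (-len(secret) % 8)           # apps usually strip base32 padding
    return {"key": base64.b32decode(secret), "algo": algo,
            "digits": int(query.get("digits", 6)),
            "period": int(query.get("period", 30))}


def verify_totp(cfg, submitted, unix_time, window=1):
    """Server-side check: accept codes from +/- `window` steps to absorb clock drift."""
    ok = False
    for step in range(-window, window + 1):
        expected = totp(cfg["key"], unix_time + step * cfg["period"],
                        cfg["period"], cfg["digits"], cfg["algo"])
        # Constant-time comparison; no early exit, so timing does not reveal a near miss.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok


if __name__ == "__main__":
    cfg = parse_otpauth(SAMPLE_URI)
    code = totp(cfg["key"], 59, cfg["period"], cfg["digits"], cfg["algo"])
    print("code at t=59:", code)
    print("accepted one step later:", verify_totp(cfg, code, 89))
    print("accepted four steps later:", verify_totp(cfg, code, 150))
```

A wider `window` tolerates more clock skew but lengthens the time an intercepted code stays valid, and a production verifier would also record the last accepted step so a code cannot be replayed.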

  18. Anonymous Coward

    Encrypted files

    There are two kinds of file encryption: The kind that is easily cracked (and therefore has no advantage over plaintext) and the kind that ensures you will never be able to recover any of your precious data back when you desperately need to.

    Either way it doesn't sound like a very good idea to me.

  19. Charlie Clark Silver badge
    Coat

    Windows 10 versions

    Full support for fingerprint recognition is being built into the stack, and there'll also be support for other biometrics

    So there'll be the CIA version, one each for the FBI, NSA and FSB and also presumably one for the MPAA!

  20. Mark 85

    2-Factor Authentication?

    I'm going to be a devil's advocate here for a moment... Will this mean that if you don't own a smartphone, you're screwed? There's still a lot of people (in spite of what Apple, Nokia, Samsung, etc. would have us believe) that don't have smartphones. Will this mean that having one will become a condition of employment? A condition to use their home computer? Every "solution" always begets more headaches.

    1. Anonymous Dutch Coward

      Re: 2-Factor Authentication?

      Where in the article does it say smartphones would be the only 2 factor authentication method supported?

  21. Truth4u

    Lame

    When I get home I enjoy using my Windows machine with no password on the admin account because shockingly I trust the people I live with not to fuck with it plus they wouldn't be stupid enough to make me angry. Who really cares about authenticating users on Windows PCs? If my work makes me use 2 factor I'll resign and find a company that trusts its employees. I don't want to work in a company where people are prone to fuck with each other's accounts.

    This will make no difference to security as once you login it's still the same shitty Windows kernel that anyone can hack from a cyber cafe in china where they don't even have freedom to use facebook but they can fuck with our PCs and do for fun.

    Why would I care about the files on my Windows PC not being encrypted when I know how to run a Linux file server that's better than NTFS in every way?

    Do I want to wait an hour for Windows to enumerate the several million files I have, or would I rather Linux did it in seconds? Hmm tough choice...

    1. Truth4u

      Re: Lame

      Do I want to use the Microsoft encryption with the NSA master key that allows FBI et al to unlock all your "encrypted" files whenever you're accused of the heinous crime of copyright infringement? Or would I rather use open source mathematically correct encryption where only I hold the keys. Again it's such a hard choice. Tell you what Microsoft, why don't you take several hundred of my dollars and decide for me, because I'm obviously far too stupid to decide for myself.

      And what's the point of encryption if they give the keys to a bunch of corrupt government agencies in a foreign country where I have no vote? Doesn't sound very much like freedom to me.

  22. channel extended
    Joke

    MS approach to two factor.

    I can see it now. On your first boot after install there are two questions asked.

    MS: Pick a number between one and three.

    MS: What is the result of that number divided by two.

    That number is now your security token. It will be sent to you if you forget your password as an emergency access number. Please give us your Name, Address, Age, Sex (yes/no), Phone number,........

  23. Mike Tyler
    Facepalm

    Interesting

    This should be really funny in say shops, doctors, schools or anywhere with an industrial machine, atm, digital signage, there is an endless list of places it won't work and will be an interesting pain in the arse when say half your employees change their phone in a year or perhaps have an old non nfc iphone or perhaps one of the new ones that may or may not play nice with microsoft. Just how will the enterprise enroll not only a user but their phone. Hey, move to windows 10, increase your support costs and make sure nothing is recoverable when you lose your phone. Let's hope windows seven support stays around for a very long time.

  24. Asok Asus

    All is for naught as long as all users are superusers.

    The only way any OS Windows will ever be even close to secure is if Microsoft quits automatically giving superuser privilege to ALL user accounts by default, and instead make all new installation instances of Windows OS default to having an Admin account with superuser privilege and one or more limited-privilege accounts for the user(s) to do their daily work.

    In addition, by default, NO .exe or .dll or other binary program should be executable in the context of any limited-privilege account, meaning that all binary software MUST first be installed from a superuser account for the system to use as a whole. It will also most likely be necessary to prevent even non-binary programs from running in the user-context without explicitly granting them permission.

    That would solve about 99.999% of the malware problems and until that is done everything else is just adding additional ineffective security band-aids on top of a whole pile of other, older, ineffective security band-aids.

    Furthermore, my experience with those piles of security band-aids is that malware finds a way around them every time, and then those "security" band-aids turn into major impediments for removing the malware. In other words, the security measures don't block the malware, but do block the sys admin efforts.

    1. Anonymous Coward

      Re: All is for naught as long as all users are superusers.

      "The only way any OS Windows will ever be even close to secure is if Microsoft quits automatically giving superuser privilege to ALL user accounts by default, and instead make all new installation instances of Windows OS default to having an Admin account with superuser privilege and one or more limited-privilege accounts for the user(s) to do their daily work."

      So it's been secure for the last decade then....

      "In addition, by default, NO .exe or .dll or other binary program should be executable in the context of any limited-privilege account, meaning that all binary software MUST first be installed from a superuser account for the system to use as a whole. It will also most likely be necessary to prevent even non-binary programs from running in the user-context without explicitly granting them permission."

      You mean like say only via a limited access service account - as per the default settings for much of the Windows OS file system for the last decade?

      "That would solve about 99.999% of the malware problems"

      But it hasn't.

      "Furthermore, my experience with those piles of security band-aids is that malware finds a way around them every time"

      But that conflicts with what you just said!

  25. waynesville

    I'm guessing that this means zero factor auth for NSA/GCHQ/CIA/FBI/DIA...could you confirm please redmond??

  26. poopypants

    Just a cynic

    Would it be overly cynical of me to assume that Microsoft's end game is to one way or another force companies to sell software through the Windows store, so MS can take a percentage?

  27. Anonymous Coward
    FAIL

    Well that was quick

    Move W10 to the DO A column. At least I won't need to do the update now.
