You know who else hates Windows 8? Hackers

Microsoft's emphasis on the mobile nature of Windows 8 and its bold touch-friendly user interface may lead some to fear the software giant has taken its foot off the pedal in terms of security. However there are plenty of changes under the bonnet to merit an examination of the new operating system's defences. Judging by the …

COMMENTS

This topic is closed for new posts.


Mushroom

First vuln for Windows 8 already patched

Microsoft Windows TrueType Font Engine CVE-2012-0159 Remote Code Execution Vulnerability.

LOLZ! Enough said, the OS can be "secure" which doesn't mean a lot when the apps/updates installed aren't "secure"...

2
6
Silver badge
Mushroom

Re: First vuln for Windows 8 already patched

Wrong - that vulnerability does not apply to Windows 8 RTM.

3
5
Thumb Down

Two things:

(1) I've used Microsoft Security Essentials for years now and it's brilliant. Totally non-intrusive, high performance, free and AS GOOD AS the paid for versions (don't trust rankings just from googling). I have McAfee at work and it's TERRIBLE for machine performance. So why does this article say MSE is good for a "free" anti-virus? The only difference I can see between MSE and paid-for is the exchange of money and some processes on your machine that are going to eat the CPU, memory and disk performance.

(2) I've had Windows 8 for a few days now and I can say it's pretty good. I spend 99.9% of my time at the desktop and the experience is almost exactly the same as Windows 7, except for quite a few improvements like the new Task Manager, copy file progress dialog and so on. At £25 for the upgrade it was a bargain.

6
3

Re: Two things:

"I spend 99.9% of my time at the desktop and the experience is almost exactly the same as Windows 7"....

Maybe you should get out more and have a life.

5
4

Re: Two things:

Hello Robinson,

If you have not read the white paper, here is what I actually wrote in it:

"Windows Defender as included with Windows 8 is a good product and does, in fact, provide a decent level of protection, especially when compared against other free anti-malware programs. However, Windows Defender does not contain many of the advanced features and functions of paid-for solutions, such as a high level of granularity for threat detection, task scheduling, centralized management and reporting and so forth. As with other free anti-malware programs, support options for Windows Defender are limited."

It is not an issue with detection, but rather lack of functionality. Now, admittedly, most home users do not have a need for centralized management or support, but such features are pretty much requirements in the business world.

I hope that explains things for you.

Regards,

Aryeh Goretsky

0
0

This post has been deleted by its author

Silver badge

UEFI could have provided some security

If I could wipe all the keys and install one of my own, then I could be confident that only kernels I sign can be booted. As it currently stands, the manufacturers install Microsoft's key, and whatever other keys they choose or are legally required to boot CIA signed malware.

6
2
Anonymous Coward

Re: UEFI could have provided some security

But MS has been so good to allow us to have MS built in to the firmware's security, or to turn it off. How nice of them. Now you want to have a feature that you, a mere user, can use as you see fit AND have it turned on at the same time? You ungrateful bastard.

4
1
Silver badge

Re: UEFI could have provided some security

"But MS has been so good to allow us to have MS built in to the firmware's security, or to turn it off. How nice of them. Now you want to have a feature that you, a mere user, can use as you see fit AND have it turned on at the same time? You ungrateful bastard."

How exactly are you supposed to sign an OS without the private key. And if the private key is public, how is the security of Secure Boot not compromised?

2
1
Anonymous Coward

Re: UEFI could have provided some security

Firmware accepts public key (for checking) from user via keyboard or other device but NOT via other software running on the machine. It is the user's key, or a vendor's as appropriate.

A private key would exist elsewhere, in possession of whoever signed the bootloader.

This is exactly the same as having a single vendor's key built in (as is the case) only less sinister.

1
1
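For the key-enrolment exchange in the posts above, an added example (not part of any commenter's post) of how a Linux administrator can check which state the firmware is actually in: Secure Boot enforcing, disabled, or Setup Mode with no Platform Key enrolled. It parses the `SecureBoot` and `SetupMode` UEFI variables as Linux efivarfs exposes them; the sample bytes are constructed and the function names are this example's own.

```python
import struct
from pathlib import Path

# GUID of the UEFI global-variable namespace (EFI_GLOBAL_VARIABLE in the UEFI spec).
EFI_GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
EFIVARS_DIR = Path("/sys/firmware/efi/efivars")  # Linux efivarfs mount point

# UEFI variable attribute bits that matter for these two variables.
ATTR_FLAGS = {
    0x1: "NON_VOLATILE",
    0x2: "BOOTSERVICE_ACCESS",
    0x4: "RUNTIME_ACCESS",
}


def parse_efivar(raw):
    """Split an efivarfs file into (attribute names, payload bytes).

    efivarfs prefixes every variable with a 4-byte little-endian attribute mask.
    """
    if len(raw) < 4:
        raise ValueError("efivarfs entry shorter than its 4-byte attribute header")
    (mask,) = struct.unpack_from("<I", raw)
    names = [name for bit, name in ATTR_FLAGS.items() if mask & bit]
    return names, raw[4:]


def parse_flag(raw):
    """Decode a one-byte boolean variable such as SecureBoot or SetupMode."""
    _, payload = parse_efivar(raw)
    if len(payload) != 1 or payload[0] not in (0, 1):
        raise ValueError("expected a single byte with value 0 or 1")
    return payload[0] == 1


def describe_state(secure_boot_raw, setup_mode_raw):
    """Classify the firmware state from the two raw efivarfs entries."""
    secure_boot = parse_flag(secure_boot_raw)
    setup_mode = parse_flag(setup_mode_raw)
    if setup_mode and secure_boot:
        # Enforcement requires an enrolled Platform Key, so this pair is suspect.
        return "inconsistent"
    if setup_mode:
        return "setup-mode"   # no Platform Key enrolled; signatures not enforced
    if secure_boot:
        return "enforcing"    # keys enrolled and boot images are verified
    return "disabled"         # keys enrolled but verification switched off


def read_live_state(efivars_dir=EFIVARS_DIR):
    """Read the running machine's state, or None if the variables are absent
    (legacy BIOS boot, efivarfs not mounted, or firmware without Secure Boot)."""
    sb = Path(efivars_dir) / ("SecureBoot-" + EFI_GLOBAL_GUID)
    sm = Path(efivars_dir) / ("SetupMode-" + EFI_GLOBAL_GUID)
    if not (sb.is_file() and sm.is_file()):
        return None
    return describe_state(sb.read_bytes(), sm.read_bytes())


# Constructed sample entries: attribute mask 0x6 followed by the one-byte value.
SAMPLE_ON = b"\x06\x00\x00\x00\x01"
SAMPLE_OFF = b"\x06\x00\x00\x00\x00"

if __name__ == "__main__":
    print("samples:", describe_state(SAMPLE_ON, SAMPLE_OFF))
    print("this machine:", read_live_state())
```
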
Alert

Secure Boot

On paper, Secure Boot looks mostly okay, and Microsoft seem to be reaching out to the open-source community to allow people to install other OSes.

Thumbs up to this. That said, I have to wonder whether the remedy is worse than the complaint.

The UEFI kernel itself is BSD-licensed code. So for the first time in many years, you'll have boot firmware on consumer personal computers that is actually based on open-source code. But have a look at the code, specifically look at how much code there is in the UEFI firmware.

This was a point brought up by Matthew Garrett in his speech at LCA2012. The upshot is that we can expect that some UEFI firmware images will likely have exploitable bugs that will render "Secure" boot, insecure.

Moreover, secure bootloaders really should be seen as the very last line of defence. If something is tampering with your boot sector at the higher layers of the operating system, You Are Doing It Wrong!

This is what should happen when something tries to do anything with the boot sector:

stuartl@vk4msl-mb ~ $ dd if=/dev/zero of=/dev/sda

dd: opening `/dev/sda': Permission denied

See that? "Permission denied". Now, if I re-try that as root, then yes, it'll work, and I can kiss goodbye my GUID partition table, ReFIT, MacOS X boot-loader and lots of other stuff. The key is to limit what has access to root privileges, and to lock down those components that do so that Bad Stuff doesn't happen.

9
3
Silver badge
Mushroom

Re: Secure Boot

But that is what happens - unless you have 'root' access as administrator.

1
7
Anonymous Coward

Re: Secure Boot

So what you're saying is that Windows does react as I said it should — denying write access to the boot sector.

Could someone then enlighten me why we need secure boot? Surely if the OS is secure, it will be impossible for something to write to the boot sector?

If something has penetrated that far into the OS, I'm not sure what protecting the boot sector would achieve, the OS is already hosed in this case. Secure boot would just make the machine completely unbootable in the process.

This is my point: Secure Boot is a solution looking for a problem.

4
2
Silver badge

Re: Secure Boot

"This is my point: Secure Boot is a solution looking for a problem"

There are whole families of malware that work by infecting the boot process and which Secure Boot protects against.

"Surely if the OS is secure, it will be impossible for something to write to the boot sector?"

If you make it impossible to write to the boot sector, how do you ever install or upgrade your OS? I note that you are replying to Richto's comment about Win8 RTM being immune to the exploit "CVE-2012-0159". I'm not sure how you got from that to never being able to write to the boot sector from within the OS.

4
1

Re: Secure Boot

Could someone then enlighten me why we need secure boot? Surely if the OS is secure, it will be impossible for something to write to the boot sector?

The problem it aims to solve is "How do you recover a system that has been compromised?" Regardless of what OS you run, if a vulnerability is exploited and some very low-level hypervisor-like rootkit gets installed you need some way to detect it and subsequently clean it up. You can't even rely on a format-and-reinstall approach because there are rootkits in existence today that can fake enough of the boot process to circumvent that. Enter Secure Boot, which prevents such malware from taking effect.

Obviously it's better if you never get compromised in the first place, but good defense-in-depth strategies have to assume that you might and work on putting additional protection in place to limit the damage that can be done, even by something which has managed to get root/Administrator access.

2
1

Re: Secure Boot

Hello,

Secure Boot helps protect the computer against bootkits and rootkits before the operating system and anti-malware software has fully initialized and had a chance to set up security. This is covered in detail in the white paper. :)

Regards,

Aryeh Goretsky

1
0
Silver badge

Re: Secure Boot

So what happens when the malware authors turn their attention to the EFI itself? Talks of developing EFI malware have been floating around for years.

0
0
Silver badge

Re: Secure Boot

"You can't even rely on a format-and-reinstall approach because there are rootkits in existence today that can fake enough of the boot process to circumvent that."

Not even the "Nuke 'em from orbit" approach, where the drive's formatted from an OS on a different boot device, say a USB stick or the DVD installer?

0
0
Silver badge
Mushroom

Re: Secure Boot

Correct - Secure Boot will completely stop the machine booting a compromised OS. At which point you can boot into System Recovery and replace the compromised files.

What's the problem? Seems like a great solution to me.

1
2
Coat

Re: Secure Boot

Yes, and naturally, because of the superior security of Windows 8… even though the boot sector, not normally accessible to userland applications, has been compromised, the system recovery data will still be magically intact and bootable.

Now someone please help me up off the floor, I can barely stand from laughing so hard.

0
1
Silver badge

Re: Secure Boot

"Yes, and naturally, because of the superior security of Windows 8… even though the boot sector, not normally accessible to userland applications, has been compromised, the system recovery data will still be magically intact and bootable.

Now someone please help me up off the floor, I can barely stand from laughing so hard"

You obviously don't understand Secure Boot or you would have realized that anything from the recovery data will be subject to the same checks. Think about it - if the OS cannot alter the keys in UEFI, then how could code running from the recovery partition which is (to UEFI) just another OS?

Before you laugh so hard, you should familiarize yourself with how this works.

0
0
Anonymous Coward

Re: Secure Boot

Yes, it will be subject to the same checks. It is probably subject to the same infection that the main OS is subject to, and thus, will be completely useless for recovery purposes.

Upshot: OS is completely hosed, boot-sector and recovery data included. The only data that is safe is that which is stored on media that is read-only or inaccessible at the time of infection.

My point: Anything that has managed to bypass the security of Windows, to infect the boot sector, will have likely bypassed the same security to infect other areas of Windows as well. Thus the entire OS is suspect from the boot sector, kernel, core system libraries, user applications, the lot. One could quite rightly argue that on a machine that dual boots, the other OSes are similarly hosed.

Secure Boot prevents you from booting this infected OS. It does not help you recover without the use of some external media. In fact, it's hard to see how it makes that situation any better than what we have now, other than the fact that the external media must also be signed to boot.

It's just adding complexity where, IMO, it isn't needed. The good news though for those who think of it as a total wank; on x86 hardware it is supposedly possible to disable it. What I don't know, is if there is a standard consistent way, across all manufacturers of computing equipment, to disable it … or is it going to be like herding proverbial cats towards a common interface for this?

0
0
Silver badge

Re: Secure Boot

"Yes, it will be subject to the same checks. It is probably subject to the same infection that the main OS is subject to, and thus, will be completely useless for recovery purposes."

I'm not sure whether you genuinely think that anything which doesn't provide 100% bullet-proof security is therefore not worth having at all, or if you're just trying to find reasons to dislike Secure Boot, but based on your other posts I'm afraid I'm assuming the latter. Yes, it is theoretically possible that a recovery partition will also be infected. But you obviously don't work in the anti-virus industry or have much familiarity with modern malware. The days where people wrote a virus to brick your computer more or less ended in the 1980s. The point of modern malware is to get hold of sensitive details or to subvert your computer resources for another party's use. Neither of which are achieved by infecting the recovery partition. Aside from this requiring an additional layer of penetration and in addition to the need to infect the recovery partition opening up several new ways of detecting and combatting malware, it forces malware writers to take a different approach because their aims are not achieved by infecting the Recovery Partition (assuming there is one).

Pretty much the whole of the rest of your comment hinges on you being incorrect on the value of Secure Boot, so I'm not going into it except for the following:

"What I don't know, is if there is a standard consistent way, across all manufacturers of computing equipment, to disable it … or is it going to be like herding proverbial cats towards a common interface for this?"

Have you never used UEFI? It's like BIOS but friendlier. If you can manage to swap a boot device in BIOS, I have little doubt you'll struggle toggling an option saying "Secure Boot: Enabled" to "Secure Boot: Disabled."

1
0
Anonymous Coward

I find myself using my Android phone for all my secure stuff. So the security of my Windows machine is good enough with the supplied stock software.

2
1

This post has been deleted by a moderator

Silver badge
Mushroom

Re: most secure windows evar - BUT

And Linux is repeatedly claimed as secure. Yet you are many times more likely to be hacked if you run a Linux based internet facing server than a Windows one... http://www.zone-h.org/news/id/4737

1
11
Thumb Down

Re: most secure windows evar - BUT

And the relative numbers of Internet-facing web servers are? From some blunt Googling, I think that ~16% of websites run IIS, so non-IIS sites are, just based on numbers, 5-times more likely to be attacked. Adjust your numbers accordingly.

1
0
Anonymous Coward

Re: most secure windows evar - BUT

You really need to read your sources before spouting rubbish...

They are pointing the finger at multiple sources:

1. Bad code on the web servers.

2. Misconfigured servers.

3. Missing communication between developers and administrators.

4. Long time from identification of CMS problems to fixes for same (affects both Linux and Windows)

And yes, kernel bugs fixed in 2007 were reintroduced in 2008 x86-64. The Windows servers are still hacked through the same flaws as in 2000, so I would say that there are problems all around. And we are talking 2010 here, not 2012. You really need to keep your systems up to date, otherwise you are sure to be vulnerable.

And I haven't cross referenced anything, just read what you pointed at as a source. Please read your source before misusing it.

1
1
Silver badge

Re: most secure windows evar - BUT

"You really need to keep your systems up to date, otherwise you are sure to be vulnerable."

That's what it really comes down to. Ultimately, I would take a well maintained Red Hat server over a poorly managed Server 2012 every time. And vice versa. A little less OS-zealotry and a bit more recognition that no OS is perfect, would go a long way on these forums.

3
0
Silver badge
Mushroom

Re: most secure windows evar - BUT

Yes 16.5% on IIS versus 57% on Apachi. So even if you adjust accordingly what I said stands.

0
3
Silver badge
Mushroom

Re: most secure windows evar - BUT

For a set it and forget it server that can keep itself secure, I would take Windows 2012 over Linux any day.

Not to mention that Windows Server has an order of magnitude fewer security vulnerabilities than an enterprise Linux distribution anyway.

0
4
Anonymous Coward

Re: most secure windows evar - BUT

To be fair, a lot of the break-ins on Windows servers are probably down to dodgy code provided by sources other than Microsoft as they are on Linux and Unix systems.

Ohh, and it's Apache, not "Apachi", RICHTO. :-)

0
0

This post has been deleted by a moderator

Anonymous Coward

Re: Secure boot is designed to hurt Linux

"MS will squeeze and squeeze until in the future Linux will not be able to be installed by non-geeks."

From the writings of the evangelists, most of the non-geeks who do have it have had it foisted upon them by their nerd friends/relatives, no doubt after months of nagging.

4
10
Silver badge
Mushroom

Re: Secure boot is designed to hurt Linux

It is not Microsoft's fault that PC manufacturers likely have no interest in collecting and installing Linux boot loader signing keys in their firmware. Likely Linux needs greater than 1% market demand for that....

0
3
Anonymous Coward

New proof-of-concept bootkit targets UEFI

"Developed by ITSEC, the new bootkit is able to attack the UEFI firmware and its basic security features, possibly showing a new avenue for cyber-criminals and malware writers focused on creating “invisible” malware to hijack computers, steal user’s data and remotely-manage botnets." link

1
0
Silver badge

Re: New proof-of-concept bootkit targets UEFI

Now, does it need "root" or hardware access to be installed? If yes, why should an attacker bother with that. If he has root access he already won.

The "invisibility", which is pointless as it's common sense to boot virus scanners from a separate removable disk, doesn't bring much advantage to the attacker.

0
1
Silver badge

Re: New proof-of-concept bootkit targets UEFI

"Now, does it need "root" or hardware access to be installed? If yes, why should an attacker bother with that. If he has root access he already won."

Because the attacker wants the malware to persist on the system and therefore it must be installed somewhere that it can be run and run again. The attacker does not want to trick the user into granting privileges (for a trojan) or have the visitor visit an exploit containing site every time that they want to subvert the purpose of the PC. You may only get one shot at the PC so you use that access to install your malware.

"The "invisibility", which is pointless as it's common sense to boot virus scanners from a separate removable disk, doesn't bring much advantage to the attacker."

It's not common at all to launch virus scanners from a separate removable disk, it's so massively inconvenient to most users that it also wouldn't be done and unless you're actually booting from the separate removable disk, then you only have the boot process's word that it is launching the anti-virus software on the other disk correctly. And if you are booting from the removable disk then who is to say that this won't get infected? All you have done is put your boot partition somewhere less convenient and gained nothing.

2
0
Silver badge

Disappointed?

While UEFI is not a fatal block to installing Linux on a PC, computer manufacturers should have told Microsoft in no uncertain terms that while the basic technology to prevent boot sector viruses and the like is a good thing, no version of it would go into production that was not 100% operating-system-neutral, that didn't put Windows and any other operating system offered for x86 computers on an absolutely equal footing.

As that did not happen, government intervention will now be required. But Linux doesn't make profits with which to pay for an antitrust lawsuit. And OS/2 isn't being actively promoted as a commercial product, although a German firm still sells it under another name - and the commercial OS companies can presumably get the UEFI keys too... bare-metal hypervisors, like ESXi from VMware, I presume, aren't locked out (or turning off UEFI is no issue for them because hypervisors don't get directly attacked).

2
2
Silver badge

Re: Disappointed?

"While UEFI is not a fatal block to installing Linux on a PC, computer manufacturers should have told Microsoft in no uncertain terms that while the basic technology to prevent boot sector viruses and the like is a good thing, no version of it would go into production that was not 100% operating-system-neutral, that didn't put Windows and any other operating system offered for x86 computers on an absolutely equal footing."

There are a number of fundamental misconceptions in the above. Firstly, UEFI is not the same thing as Secure Boot, any more than Car is the same thing as Steering Wheel. UEFI is a replacement for BIOS. Secure Boot is one of many features that the UEFI spec supports. UEFI is not a block to Linux. It actually provides features that Linux already takes advantage of, such as GUID Partition Table. This fundamental misunderstanding in your post makes me strongly want to tell you that you need to go back and read more about this stuff before you comment.

Another big misconception in the above is that Microsoft is responsible for UEFI. The UEFI Forum is made up of all the major hardware manufacturers and some OS representatives such as MS. UEFI comes from Lenovo, Samsung, Apple, HP, Toshiba, AMD, Intel and all these hardware manufacturers. Microsoft are merely one of the first to make use of Secure Boot. No Linux distribution is really taking advantage of it but they should. (Red Hat and Ubuntu are using it for their boot loader, but not more than that). Secure Boot is useful and contrary to your post, it is OS neutral. Any OS producer could go to any hardware manufacturer and get their software signed. Red Hat has gone to Microsoft to get signed because Microsoft will do it cheaper for them. Also, MS have required Secure Boot to be disableable by the user on x86 as a condition for Win8 certification. You may not like this, but MS's requirement protects Linux against being closed off.

"As that did not happen, government intervention will now be required."

Your initial argument is based on misunderstandings, so the above conclusion is not shown.

"But Linux doesn't make profits with which to pay for an antitrust lawsuit."

An antitrust suit would fail because it would be groundless. Secondly, Red Hat has an annual revenue of $1.1bn, I have no idea how much SuSE's owners make. Linux is profitable.

"bare-metal hypervisors, like ESXi from VMware, I presume, aren't locked out (or turning off UEFI is no issue for them because hypervisors don't get directly attacked)."

Both parts of the above show a serious lack of understanding of how either Secure Boot or hypervisors or both, work. Seriously, and politely, you don't have the knowledge to be commenting on this and should do some more reading on how it all works.

6
3

This post has been deleted by its author

Anonymous Coward

Re: Disappointed?

"The UEFI Forum is made up of all the major hardware manufacturers and some OS representatives such as MS."

Relationship between MS and manufacturers poisons the Forum.

"Any OS producer could go to any hardware manufacturer and get their software signed. Red Hat has gone to Microsoft to get signed because Microsoft will do it cheaper for them."

When you say this, it sounds positive to you?

3
5
Silver badge

Re: Disappointed?

"Relationship between MS and manufacturers poisons the Forum."

Well at this point, you're just insisting on your case whatever the evidence. Even if MS wasn't on the forum with a dozen major-league hardware players, you'd insist that a commercial relationship made MS the shadowy controller behind it all. Presumably you also consider HTML poisoned because MS are on the W3C, renounce Javascript. I bet you even think Linux is poisoned since Microsoft have contributed to the kernel - I mean it doesn't matter how small MS's role in something is, if they're outnumbered and out-market capped by all those hardware manufacturers, they're on the forum so it's poisoned.

Honestly - someone says MS produce UEFI. I point out that it's actually an open project of numerous hardware manufacturers, but no - MS have poisoned them all.

"When you say this, it sounds positive to you?"

Yes it does. I want to see Red Hat and other distributions maintain security parity with Windows. Competition is good. If MS are willing to sell their signing services to Red Hat for cheaper than it would cost Red Hat to manage all the infrastructure and process themself, that is a good thing.

5
3
Silver badge
Mushroom

Re: Disappointed?

"You may not like this, but MS's requirement protects Linux against being closed off." - it also makes sure it can still run Windows 7 as would be required by many corporates in the short term ;-)

1
2
Silver badge

Re: Disappointed?

"Relationship between MS and manufacturers poisons the Forum."

Apple is part of the group and COMPETES with Microsoft. What now?

1
0
Anonymous Coward

Re: Disappointed?

Apple has its own reasons for a Secure Boot that turns the user into the used, just as MS and its slaves partners do. Remember that Apple has no interest in putting its software on other hardware, so the two companies are allied against consumers on this matter.

0
0
Anonymous Coward

Re: Disappointed?

"Well at this point, you're just insisting on your case whatever the evidence. Even if MS wasn't on the forum with a dozen major-league hardware players, you'd insist that a commercial relationship made MS the shadowy controller behind it all."

I suppose it's just conspiracy nuts who think that PC manufacturers make machines to MS' spec so they can get a little sticker on them.

The thing about MS poisoning the forum is that it effectively means there are only a small number of interests in it, mainly MS and Apple. Having them at the wheel, the future is in safe hands, right?

"Presumably you also consider HTML poisoned because MS are on the W3C, renounce Javascript. I bet you even think Linux is poisoned since Microsoft have contributed to the kernel - I mean it doesn't matter how small MS's role in something is, if they're outnumbered and out-market capped by all those hardware manufacturers, they're on the forum so it's poisoned."

This is just a bizarre derailment.

"Yes it does. I want to see Red Hat and other distributions maintain security parity with Windows. Competition is good."

I agree.

"If MS are willing to sell their signing services to Red Hat for cheaper than it would cost Red Hat to manage all the infrastructure and process themself, that is a good thing."

"Willing" could easily be replaced by "in a position to" here and you would still be happy with it. Yes there is a custom mode that allows a user to install their own key - but the specification of how that is done is not actually there at all. The only reason it's not as locked down on x86 or amd64 as it is on arm is that the US and European authorities are paying attention to Microsoft in one market and not the other. When the company telling hardware vendors what to do skates on the edge of the law I suppose that is a good thing, compared to what would happen without the law. Kind of like how not being kicked in the balls particularly hard is a good thing. Note that what they've done with ARM is exactly what Apple does with its locked down iThings, except they've managed to make it a spec which other manufacturers will follow, effectively meaning that Microsoft and any manufacturer who makes Windows ARM devices a single entity in that market of exactly the same type as Apple.

Red Hat has decided, for ill or good I don't know, that it is in its interest to get its distro installed on UEFI machines using Standard mode. So they at least do see a problem with the spec as it stands, otherwise Custom would not be a problem. Or maybe they just couldn't be arsed to manage their own keys, as you suggest.

0
1

I still don't get...

If a vulnerability such as the plaintext within encrypted container password/picture thing on Windows 8... requires local administrator rights to access, and isn't actually useful for anything local... why is that such a major problem?

0
0

Absolutely shocking: in the MS store in Pentagon City, not a single device from ANY OEM or MS has 4G or even 3G !!!!

A stunning failure for a company trying to leap-frog Apple !!!!

An absolute failure of corporate strategic planning.

How does Ballmer fire himself? Look in a mirror, Mr. Ballmer and mouth the words "you're fired."

0
3
Silver badge
Mushroom

Had the Windows Phones sold out again then?

0
2


Biting the hand that feeds IT © 1998–2018