Researchers unpick Vista kernel protection Security researchers have found a way to subvert the load-up procedure for Windows Vista and bypass its code-signing security checks. Indian researchers Nitin and Vipin Kumar of NV labs have developed a tool called VBoot kit, a custom boot sector loader, which launches from a CD. Once loaded, the tool allows hackers to make …
How to defeat the 3v1l boot kit:
1: Don't run a beta of an OS on a production machine (granted this is tough for Linux geeks who like to recompile their kernels twice before breakfast).
2: Don't allow booting from CDs in BIOS (duh).
3: (If you're paranoid about resetting board BIOSes) lock or rivet the case shut to prevent changing a machine's boot order. Modern cases allow padlocks and you can use rivets instead of screws on older ones.
Let's see, we have the evil boot rootkit (defeated), the evil animated cursor vulnerability (defeated: IE protection, user account control and standard accounts on Vista, limited accounts on XP/2K) beaten before their release.
Funny, the only real Vista flaw so far is the slow deleting problem with the shell. Come on, everyone, try harder! It's not like you didn't have a whole year of betas to go looking for flaws... oh wait, yes you did! And this is the best you can find?
Lets be realistic, you can't possibly disable boot from CD in the BIOS. If microsoft software ever tried this it would never go near any PC of mine again.
If I wish to install another OS on MY PC, then I'll damn well do it. No software provider has the right to hijack my machine and prevent me from modifying it.
Same thing if they prevent me from running GPL software, I'd get rid of that OS also.
It doesn't matter what's done to lock the OS down, someone will always want to have a "crack" at it.
If you buid a brick wall and go around telling people it's indestructable, expect someone to come along and have a pop at it. It's just human nature.
MS will never be able to 100% lock it down and I think they probably know this. It's a game of cat and mouse really, they'll just keep patching and patching to try and keep on top of any crack. It's just that the crack will just have to mutate to the same degree as Microsoft's patch. (WGA/IE7 anyone?).
> ...Funny, the only real Vista flaw so far is the slow deleting problem with the shell....
... and the fact that Vista goes tits-up and crashes whenever you try to actually DO anything with it...
... and the fact that there are hardly any usable drivers for Vista even for hardware currently in production.. (yes, I know that MS doesn't write the drivers, but what's the point in third parties writing drivers for an OS that no-one actually seems to want...?)
Looks like the convicted predatory US monopolist is finally facing the possibility of revenue-hunger... after all, only two of its divisions even make a profit: Office and Windows... so if they go down... :-)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
