15. February 2008 16:04
Ya, that's right. Me baby. Me. :)
It just appeared on MSDN Subscriber Downloads a few minutes ago.
21. February 2007 12:21
Sorry for the delay of part 3 of my series (Part 1, Part 2) on The FUDing of Windows Vista, but I've been pretty busy.
Today, however, I simply couldn't stop myself. The Register decided to write a "review" of Windows Vista's security features. Needless to say, it's a prime example of the FUD I'm talking about.
So, point by point:
While referring to IE's Protected Mode feature:
However, there is a brokering mechanism that enables users to download files to any location they have access to, or to install browser plugins and extensions, and the like. So users are still invited to make a mess of their systems, and no doubt many will, while Microsoft has a chance to shift blame away from itself.
Uh huh. First, you can't install plugins/extensions (with the exception of signed ActiveX) without admin privs. Period. Second, how, exactly, would you propose the user be able to save files to their Documents folder, or do any other file operation in their profile (or basically anyplace on the system) without this brokering mechanism? Would you prefer that Microsoft not allow users to download *any* files via the browser? Ya, that would work out well.
However, IE7 on Vista does still write to parts of the registry in protected mode.
IE7 is running as an extremely low-rights user. This does *not* mean that it doesn't have the ability to write to any part of the registry. It means that the registry's ACLs must explicitly allow write access to the IE's low-rights user. Certain locations have been explicitly marked as write-safe for the low integrity process. The example given by The Register is one of them. In other words, it's not an issue.
However, DEP, when full on, may cause a number of applications to crash, or interfere with their installation. I'm betting that a majority of users will opt for the more conservative setting, and this of course means less defense for everyone.
You're betting that the majority of users, most of whom think "DEP" is an actor's last name, will go and hunt down the DEP setting and turn it off because it will supposedly cause lots of applications to crash? Really? You mean they won't selectively turn it off via the dialog box that comes up after a DEP-related crash that asks if you want to turn it off just for this application? Oh, and what quantitative study are you citing that shows that lots of commonly used applications will crash because of DEP? Give me a break.
User Account Control (UAC) is another good idea, because it finally, finally, finally allows the machine's owner to work from a standard user account, and still perform administrative tasks by supplying admin credentials as needed on a per-action basis. You know, the way Linux has been doing it forever.
Windows has supported running individual processes as admin (or any other account) since NT4. It was integrated into the GUI in Windows 2000. That is not the point of UAC, and it's not how Linux does it at all. If you try and run an application or perform an operation on Linux or Unix that requires admin access, it will fail. It doesn't prompt you. It's a subtle, but big difference. And it's a critical difference in the Windows world where that vast majority of applications won't work without admin privs.
Of course, it only works if everyone stays out of the admin account as much as possible, and if everyone with an admin password knows better than to install a questionable program with admin privileges. And there's the catch: "Windows needs your permission to install this cleverly-disguised Trojan nifty program. Click Yes to get rooted continue."
Wrong. It works regardless of what user you *think* you're running as. An admin account on Vista (with UAC enabled) is NOT AN ADMIN ACCOUNT. It's a limited user. The *only* difference is that an admin account isn't prompted to type in credentials in the UAC prompt, where as a limited user is.
So you see that, here again, MS's security strategy involves shifting responsibility to the user.
Ok, smart ass. What's a better solution? Get rid of admin accounts entirely? Don't allow any programs to run at all? Never allow a user to connect to the net? Oh, how about only allowing signed, Microsoft approved applications to be installed on Vista. Ya, that would go over well. What would you say about "The Vole", then?
And the reason why it's never going to work is because MS still encourages the person who installs Vista (the owner presumably) to run their machine with admin privileges by default....Until MS gets it through their thick skulls that a multi-user OS needs a separate admin account and a user account for the owner, and that the owner should be encouraged to work from a regular user account as much as possible, UAC will never work as intended.
Wow. Ok. Imagine this scenario: A person installs/buys Vista and sets up the machine. Vista does what you want so badly and first asks for an admin account password, but then asks the user for the login/password for their limited account. Having an admin account on the machine is unavoidable if you ever want to do anything on the machine past checking your e-mail and reading high-quality publications like The Register.
So now the user has the admin account (that they're not using as their primary account), and they have their limited user account. Now anytime they need to do something that does require admin privs they will be prompted via UAC for the admin password. Since they're the ones who setup the machine, they'll type in the admin password. For all the other users on the machine, they'll have to go get the person who setup the machine to type in the admin password, exactly as they'll have to do right now in Vista.
So, how is this any better? Now, instead of the occasional annoying OK button, you'll have an OK button and be required to type in admin credentials. If you're the guy who setup the machine, you know the password. If you're not, then it works just like it does now.
Or perhaps you would rather have it just like it is in Linux, and have all operations simply fail with access denied errors? See, it works fairly well for Linux because all Linux applications were designed from the ground up with a multi-user system in mind. But Microsoft *must* support as many legacy applications as possible. That legacy application support is one big reason why Linux on the desktop has failed to defeat Windows.
Furthermore, if you want UAC to always prompt for credentials even as the "admin" user, there is a policy setting to make that the case.
UAC is, in my opinion, a good solution to a problem that exists only on Windows. Saying that Windows should operate its elevation system like Linux simply shows that you don't understand the problems at hand.
In fact, UAC is the most complained-about new feature of Vista, and most people are disabling it as soon as possible.
It's the most complained about by people like you, and by a few vocal power users. But guess what, you're all in the minority. Most people will fairly rarely encounter UAC. As a person actually using Vista on a daily basis at both work and at home, I don't find UAC annoying at all. There ya go.
And when you're running in an admin account, UAC is nothing but a bother.
And when you're running as a non-admin account, UAC is nothing but a time consuming bother? Give me a break.
And once UAC is disabled, all of its security enhancements are lost. Yes, the basic idea is good, but the implementation has been completely bungled.
So what's the better solution?
And since it's very likely that you will still be running your Windows box as an admin, if you're going to open a file with Windows Explorer, you'd better look to see whether or not it's an executable, because it will run with your privileges. So, at a minimum, the folder view should default to showing file extensions.
I kind of agree with this, but the chances that you'll run an application without knowing it's an application are fairly small. If you downloaded this application from the net, Windows will flag it as potentially unsafe. When you try and run it, Windows will ask you to confirm that you really want to run this application and that you trust it. (And yes, you can turn this off by unchecking a box in the properties dialog of the file.)
As usual, Windows enables far too many services by default.
Examples? Oh, that's right... we don't need examples. This is The Register.
It's a little craplet with a stereotypical icon that looks like a shield, and it simply informs you of whether or not the firewall is on, whether or not you've got anti-virus software installed, and so on.
One major hurdle for users security their system is that they don't know all the things they need to secure. The Security Center provides a single place where they can check their most important security settings. Seems like a good idea to me, and it seems to work pretty well. But I guess because The Register thinks it's a "craplet", I must be wrong.
We have got, instead, a slightly more secure version than XP SP2.
Uh huh. And if I took this "review" at face value, I might have to agree with you. Except luckily, I don't usually take things at face value. The "review" ignores many of Vista's security features, and it gives an extremely biased and unfair assessment of the ones it does touch on.
Only time will tell as far as how security Vista will be against the onslaught of hackers that will undoubtedly be attacking it, but it's a helluva lot better than The Register gives it credit for.
3. February 2007 15:31
I finally got around to trying out Remote Desktop in Windows Vista. Wow. Very cool. Not only does this thing support multiple monitors (finally), but it fully supports desktop composition.
For those of you that don't know, desktop composition is what allows Vista to look so pretty. Without it, you're stuck with the "classic" look. No transparencies. No cool flip 3D stuff.
Remote Desktop on Vista, at least when connecting to another Vista machine, seems zippier. I'm not sure why, exactly, but it definitely feels even closer to being "local".
So, if you're still using VNC, this is even more reason to drop it like a bad habit.
Oh, and yes, even Flip 3D works!
26. January 2007 18:32
My previous blog post, The FUDing of Windows Vista, concentrated on how the major tech media organizations are giving Vista a bum rap, either intentionally or out of simple ignorance. But Vista reviewers are not the only ones doing their best to spread the FUD.
Several major security vendors, such as McAfee and Symantec, see Vista as a major threat. Vista's new security features will make it much, much harder to attack. Since these companies make the majority of their money from providing products to protect users from these kinds of attacks, I can understand why they would be worried.
Instead of innovating and coming up with new products and services to supplant a business built on other's mistakes, they decided to try and FUD their way out. McAfee took out a full page ad in the Financial Times that claimed that Vista will be less secure than previous versions of Windows.
McAfee's reasoning is that because Vista prevents direct access to the kernel via a technology called PatchGuard, McAfee will no longer be able to modify Windows at will to provide their services.
Of course, this also means that the bad guys won't be able to either, which is kind of the point. The most dangerous malware out there right now are of the rootkit variety, and these guys rely on patching the kernel.
Furthermore, Microsoft has never supported directly patching the kernel. In addition, Microsoft has provided a rich set of APIs to perform the tasks that McAfee and Symantec need for their product to function. How do I know these APIs work? Maybe because several other security vendors, such as AVG, Kaspersky, and even Microsoft, have already released Vista compatible security suites that use these APIs are work just fine.
Lastly, PatchGuard is only in Vista x64, which probably won't be adopted in wide form for at least another year. Not to mention the fact that Microsoft has a nearly identical feature in XP 64 bit edition, and announced their intentions to include it in Vista x64 several years ago. McAfee and Symantec have had ample time to fix their stuff.
The other feature of Vista that these vendors are getting upset about is the Security Center. The Security Center basically just gives you one stop shopping for all your computer's security related settings. In order to provide a consistent user interface (consistency is a key for usability, and when it comes to security that's very, very important) they prohibit 3rd parties from modifying the interface. Instead, if you have a 3rd party firewall or antivirus package, it will list them in the security center and provide links to modify their settings.
McAfee and Symantec didn't like that. Why? Because they want to brand everything they possibly can. They want you to think that the security of your computer is completely dependant on them. That way you'll be less likely to cancel your subscription. So they scream and yell about this, calling it anti-competitive, and claiming that Microsoft is trying to give special treatment to their own OneCare software. They of course ignore that OneCare follows all the same rules that Microsoft is asking McAfee and Symantec to follow.
McAfee and Symantec are terrified that Vista will make their business less profitable, so they're lashing out. They figure if they can scare enough people into thinking that Vista is unsafe, they won't have to spend as much time and money fixing their software and coming up with products that actually provide value to their customers.
Update: Be sure to checkout the 3rd part in my series of blog posts about The FUDing of Windows Vista!
25. January 2007 21:41
Windows Vista is getting a bum rap. The media is painting a picture of Microsoft's new operating system as a pretty version of XP with few new features that users will care about. This is the same media that greets every new ".1" release from Apple as if it were the second coming of Jesus H. Christ. These reviews of Vista are so off base, so ill informed, and so superficial that they border on gross negligence.
I'm not even sure on where to begin analyzing these "reviews". Cnet's review, which gives Vista a "7.8", calls it a "warmed over XP", and makes multiple flat out factual errors. They claim that "most of Microsoft's [security] improvements in Windows Vista are within the Enterprise or 64-bit editions," which is a completely ridiculous statement.
There are no security features that Enterprise has that any of the other versions of Vista do not. (Indeed, this "review" was about Vista Ultimate, which contains every feature from every version, with the 1 exception which I'll mention in a minute.) Vista x64 contains a single feature that the others lack, kind of. Vista x64 restricts kernel mode driver installation to signed/certified drivers only. That's it.
Cnet goes on to state that there are no "big-name software packages written exclusively for Windows Vista". Wow, considering it hasn't even officially launched yet, that's a bit harsh.
Cnet criticizes the new Start Menu and search functionality, stating that they "would have preferred to have access to Search directly from the desktop rather than digging down a level or two", no doubt referring to Mac OS X's Spotlight field in the titlebar on the Mac desktop. Let's see, on the Mac I need to hit COMMAND + SPACE, or click in the field, to start searching. On Vista, I hit the Windows key and start typing. How, exactly, is that different? If anything, Vista's search is easier to get to.
Cnet continues to make factual errors by claiming that "aero is part of the Windows Presentation Foundation, a subgroup of the .Net Foundation Framework, an underlying foundation for developers to build new applications.". Um, no, it's not. Aero has nothing to do with WPF. Aero is a theme in Windows Vista. Nothing more. They even make the very confusing claim that "Aero is necessary to create Microsoft's new, Adobe PDF-like file format called XPS (Extensible Page System);", which is completely untrue.
Cnet shows how incredibly inept they are by then criticizing User Account Control while simultaneously plugging OS X. They state that "While UAC notifies you of pending system changes, it doesn't require a password. The Mac operating system does something similar but requires a password--that's security." What? First of all, UAC only doesn't prompt with a password IF YOU ARE AN ADMIN.
Administrators in Vista are treated like regular users in every way (in fact, they are regular users) except that they don't have to type in credentials in UAC prompts. If you run as a non-admin user, you have to type in the credentials of an admin complete the UAC prompt, just like the Mac.
Unlike the Mac, however, Vista displays these prompts on a secure desktop. This prevents malware from fooling you into authorizing something you didn't want to authorize by simply displaying a fake dialog over the real one. The Mac has nothing like this and is theoretically open to all sorts of spoofing malware attacks. Is that security? If the Cnet team had spent any time researching Vista they would know this.
They go on to say that "the jury is still out on whether Internet Explorer 7 is more secure than, say, Firefox 2", which I would agree with, but they neglect to mention anything about protected mode IE, which is a great security innovation from Microsoft that suggests that IE 7 will be, by far, the safest modern browser you can use.
Cnet's review makes many unsubstantiated claims about Vista's performance, calling it a "resource hog" without ever backing up that statement. (And no, you can't just look at Task Manager's RAM stats and use that to justify your opinion.)
Cnet's review was pretty much inline with many other sites, such as Time.com and even Tom's Hardware. (And don't get me started on Walter S. Mossberg.) Time, for instance, closes their review with the seemingly insightful musing that "translucent borders are all well and good, but out there in the jungle, no one cares how pretty you are." No kidding. If you guys were so concerned about Vista's security, why didn't you spend a little more time researching the many innovations and improvements Vista has in terms of security instead of trying to come up with more ways to mention Apple in your review? They have the gall to title their review "Windows Vista: why nobody cares." Maybe nobody cares because you guys have done a good job spreading FUD.
These people completely neglect to talk about hundreds of Vista's features which will end up really changing the way we use computers. Whether it's the fact that Vista will usher in the world of IPv6 (via it's support for PNRP), or how it will change the way applications are written and deployed for Windows via technologies like WPF/E and WCF. They almost universally ignore great technologies like ReadyBoost, SuperFetch, and ReadyDrive, all of which will make our computers feel zippier. And they're oblivious to things like Sideshow. And don't think that's the full list of features they're ignoring. It's not. For a full list, check out this excellent Wikipedia article.
Windows Vista is a great OS. If Apple was releasing an OS with this many new features they would be called geniuses and would be praised for ushering in a new era of computing. But Microsoft is not Apple, and so instead we get this FUD.
To be fair, there were a couple of decent reviews of Vista. One of them being from Paul Thurrott. Was his a complete review? No. But it wasn't willfully ignorant like the other clowns.
Please, go upgrade to Vista. Ignore these idiots. You'll be happy you did.
Update: Be sure to checkout the 2nd part in my series of blog posts about The FUDing of Windows Vista!