Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] Vista/Longhorn Not as Safe as GNU/Linux

Vista & Longhorn Server's "Improved" Security

,----[ Quote ]
| "So what's the problem?" Windows "Longhorn" Server is!
| No, we're not joking. Under the circumstances, we wish we were too. But
| we're not. While Windows Vista's security has steadily improved
| build-by-build, and while Longhorn's kernel and applications may be
| more secure, Windows Longhorn Server as a whole most certainly isn't.
| Why?
|     * Because it never prompts you to set an Administrator password!
|   [...]
|    * What about password complexity models?
|   [...]
| What happened to Windows Server? Where did all of the stringent
| security checks and ultra-protection of Windows Server 2003 go?
| Windows Server 2000 was quite insecure, and Windows Server 2003
| turned over a new leaf.. But it seems Microsoft is more than willing
| to flip that page back ? even Windows Server 2000 required an
| Administrator password at the very least.


Also see:

        Windows Vista Security Review


Security has been promised before, only to be shattered completely (infection
within just minutes after a live connection is established).

Windows Vista: It's More Secure, We Promise

,----[ Quote ]
| Well, allow me to take a moment to remind everyone of something that
| you might not remember - XP was also touted as being ultra secure.
| Seriously, can anyone honestly look themselves in the mirror and say 
| this is the gospel truth? You have got to be kidding me. Similar to
| XP, Microsoft promises to have the most secure Windows version to date
| yet again.


Here are some of the usual links.

Perspective: Why Microsoft is wrong on Vista security

,----[ Quote ]
| The net-net is that the user is demonstrably less safe as compared to
| during the XP days, when security vendors could use their advanced
| behavioral features.


Also see:

IE 7 bugs abound

,----[ Quote ]
| "But browser testers may already be at risk, according to security 
| researcher Tom Ferris. Late Tuesday, Ferris released details of a potential 
| security flaw in IE 7. An attacker could exploit the flaw by crafting a 
| special Web page that could be used to crash the browser or gain complete 
| control of a vulnerable system, Ferris said in an advisory on his Web site. 
| Microsoft had no immediate comment on Ferris' alert."


Black Hat Takes Vista to Task

,----[ Quote ]
| She demonstrated two potential attack vectors. One could allow unsigned
| code to be loaded into the Vista kernel. The second vector involved
| taking advantage of AMD's Pacific Hardware Virtualization to inject a
| new form of super malware that Rutkowska claimed to be undetectable.


Symantec highlights Windows Vista user vulnerabilities

,----[ Quote ]
| Symantec has shed more light on potential vulnerabilities in Windows
| Vista that could circumvent new security measures and leave users
| vulnerable to attack.


Symantec continues Vista bug hunt

,----[ Quote ]
| After poking around the Windows Vista networking stack, Symantec
| researchers have tried out privilege-escalation attacks on an early
| version of the Windows XP successor.
| "We discovered a number of implementation flaws that continued to allow
| a full machine compromise to occur," Matthew Conover, principal
| security researcher at Symantec, wrote in the report titled "Attacks
| against Windows Vista's Security Model." The report was made available
| to Symantec customers last week and is scheduled for public release
| sometime before Vista ships, a Symantec representative said Monday.


Symantec Finds Flaws In Vista's Network Stack

,----[ Quote ]
| Researchers with Symantec's advanced threat team poked through
| Vista's new network stack in several recent builds of the
| still-under-construction operating system, and found several bugs
| -- some of which have been fixed, including a few in  Monday's
| release -- as well as broader evidence that the rewrite of the
| networking code could easily lead to problems.
| [...]
| Among Newsham's and Hoagland's conclusions: "The amount of new
| code present in Windows Vista provides many opportunities for
| new defects."
| "It's true that some of the things we found were 'low-hanging
| fruit,' and that some are getting fixed in later builds,"
| said Friedrichs. "But that begs the question of what else
| is in there?"


Symantec Says Windows Vista Will be Less Secure than XP

,----[ Snippet ]
| Symantec said earlier last week that there were no viruses for Apple's
| OS X.


Symantec sees an Achilles' heel in Vista

,----[ Quote ]
| Some of Microsoft's efforts to make Windows Vista its most stable and
| secure operating system ever could cause instability and new security
| flaws, according to a Symantec report.
| [...]
| "Microsoft has removed a large body of tried and tested code and
| replaced it with freshly written code, complete with new corner cases
| and defects," the researchers wrote in the report, scheduled for
| publication Tuesday.


McAfee: Microsoft completely unrealistic on Vista

,----[ Quote ]
| Windows Vista does not ship with antivirus software installed and active,
| but for the first time Microsoft will be promoting their own antivirus
| service in Windows OneCare. Alex Eckelberry, CEO of Sunbelt Software,
| has already called Microsoft's plans predatory based on pricing. McAfee
| is focusing its critique on operating system design, arguing instead that
| Microsoft's decisions with Vista will simply make the operating system
| less secure.
| In the advertisement, McAfee CEO George Samunek is quoted as saying,
| "Microsoft is being completely unrealistic if, by locking security
| companies out of the kernel, it thinks hackers won't crack Vista's kernel.
| In fact, they already have." The advert continues: "With its upcoming
| Vista operating system, Microsoft is embracing the flawed logic that
| computers will be more secure if it stops co-operating with the
| independent security firms."


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index