Roy Schestowitz wrote:
>
> Trend Micro flaw opens PCs to takeover
>
> ,----[ Quote ]
> | As a result, the PC could suffer a "blue screen of death" or
> | allow the attacker to remotely execute code and take control of
> | the system, Trend Micro said.
> `----
>
> http://news.zdnet.com/2100-1009_22-6157554.html
>
These that are coming up from the security vendors we have to put into
context.
The third party security is now in a different place in the overall PC
structure than it was in previous versions of Windows. It wouldn't surprise
me at all if they found that it is now very unlikely that they can protect
a XPVista with any degree of confidence.
Plus, if you think about it, this software also has to work around the
security areas that MS has built in. So, to do that properly the third
party security software has to either find a way around the built in
security, which must mean that eventually anyone can learn to do that. Or
they have to be given special access by the OS, which again is something
that others can learn from.
I would hate to have to control the software teams for the likes of Symantec
and Trend, because I really can not see a sure way of properly securing
XPVista the way things are right now. Of cause MS are happy, because their
users get a speed advantage over XP with it's third party security. But you
have to remember that the likes of Symantec software only really became as
heavy and resource hungry as it is, because it had so many potential
vulnerabilities to take care of. The reallity is that Symantec security
should be tiny, because if the OS was correctly created then all Symantec
should have to do is watch the active ports and monitor traffic.
Vista is more secure in several areas, some of the work they have done was
well thought out in that area (they must have had help from outside, and
they did). But it isn't nearly enough, the third parties are still needed,
they are just in the wrong place to do their job.
I have said this before, but I will say it again, because I am a parrot. I
personally would only take on the role of securing XPVista if I could have
my primary protection outside of the system altogether. So for example in a
VM I would want the possition between the chain boot and the OS to be mine,
I would put a layer there from which I now have control, and now I can do a
proper job of security, as well as internal system monitoring, my layer
would go between ALL physical ports, nothing is coming in or out without my
blessing. I think I would call my layer 'Debian', do you know if that name
is already taken?
PS: I'm not blowing my own trumpet and pretending that I could actually do
the job, but for a nice wage and a posh car with a CD player that works I
would darn well try.
|
|