Re: Vista's Security Rendered Completely Useless by New Exploit

Discussion in 'NZ Computing' started by Jasen Betts, Aug 9, 2008.

  1. Jasen Betts

    Jasen Betts Guest

    On 2008-08-09, Cadae <> wrote:
    >
    > "Brian Mathews" <> wrote in message
    > news:...
    >>
    >> This week at the Black Hat Security Conference two security researchers
    >> will discuss their findings
    >> which could completely bring Windows Vista to its knees.
    >>
    >> http://www.neowin.net/news/main/08/...ty-rendered-completely-useless-by-new-exploit


    > The claim about bringing Vista to its knees is an overblown exaggeration -
    > how are they going to overcome Vista's integrity level checking ?


    If the first paragraph is correct they already have. "any location" to
    me means they were able to modify ring-0 code.

    > However, any O/S without integrity level checking is going to suffer with
    > this new attack technique.


    The os would have to be bug-compatible with windows, and run internet
    explorer 7 to be succeptible, fortunately microsoft has chosen to keep
    that blight to themselves.

    > I wonder how long it's going to take to get integrity
    > level checking into Linux ?


    Linux instead uses chroot and group and user permissions for compartmentisation of the
    variaous server processes for the most part.

    > Hopefully some of the work already done on
    > secure Linux can be used to implement this.


    Selinux doesn't seem to address integrity levels.

    Bye.
    Jasen
     
    Jasen Betts, Aug 9, 2008
    #1
    1. Advertising

  2. Jasen Betts

    Jasen Betts Guest

    On 2008-08-13, Cadae <> wrote:
    > "Jasen Betts" <> wrote in message news:g7k0dl$9rq$1@gonzo...
    >>
    >> If the first paragraph is correct they already have. "any location" to
    >> me means they were able to modify ring-0 code.

    >
    > It doesn't mean any such thing. They claim they can overcome SOME of Vista's
    > security measures. They cannot and do not attempt to break all Vista
    > security. It is the media that (typically) has mis-represented their work.
    > That mis-representation has been typically magnified and further distorted
    > by anti-MS posters in this group.


    they did in the article I read.

    >> The os would have to be bug-compatible with windows, and run internet
    >> explorer 7 to be succeptible, fortunately microsoft has chosen to keep
    >> that blight to themselves.


    > Wrong. They have developed a technique that is applicable to any O/S.


    BULLSHIT.

    EOM.
     
    Jasen Betts, Aug 14, 2008
    #2
    1. Advertising

  3. Jasen Betts

    Jasen Betts Guest

    On 2008-08-14, Cadae <> wrote:

    > "Jasen Betts" <> wrote in message news:g80pfm$3qo$2@gonzo...


    > What article was that ?


    The one which you cut when you replied to me.

    DUH!


    Bye.
    Jasen
     
    Jasen Betts, Aug 15, 2008
    #3
  4. Jasen Betts

    Jasen Betts Guest

    On 2008-08-14, Carnations <> wrote:

    > How!


    You speak apache?

    Bye.
    Jasen
     
    Jasen Betts, Aug 15, 2008
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Bert Hyman

    Canon A60 rendered unuseable by sunlight

    Bert Hyman, Sep 30, 2003, in forum: Digital Photography
    Replies:
    4
    Views:
    343
    Buster
    Oct 2, 2003
  2. AirRaid
    Replies:
    5
    Views:
    648
    RobertVA
    Aug 9, 2006
  3. Graham
    Replies:
    15
    Views:
    726
    Woody
    Dec 6, 2007
  4. cjd
    Replies:
    2
    Views:
    828
  5. RichA
    Replies:
    1
    Views:
    263
Loading...

Share This Page