Schneier on Security: Tagged Microsoft

Entries Tagged "Microsoft"

Page 10 of 16

New Trojan Mimics Windows Activation Interface

What they are calling Trojan.Kardphisher doesn’t do most of the technical things that Trojan horses usually do; it’s a pure social engineering attack, aimed at stealing credit card information. In a sense, it’s a standalone phishing program.

Once you reboot your PC after running the program, the program asks you to activate your copy of Windows and, while it assures you that you will not be charged, it asks for credit card information. If you don’t enter the credit card information it shuts down the PC. The Trojan also disables Task Manager, making it more difficult to shut down..

Running on the first reboot is clever. It inherently makes the process look more like it’s coming from Windows itself, and it removes the temporal connection to running the Trojan horse. The program even runs on versions of Windows prior to XP, which did not require activation.

More info here.

Posted on May 5, 2007 at 7:59 AM • View Comments

Google Ad Hack

Clever:

…the bad guys behind the attack appeared to capitalize on an odd feature of Google’s sponsored links. Normally, when a viewer hovers over a hyperlink, the name of the site that the computer user is about to access appears in the bottom left corner of the browser window. But hovering over Google’s sponsored links shows nothing in that area. That blank space potentially gives bad guys another way to hide where visitors will be taken first.

Posted on May 1, 2007 at 7:25 AM • View Comments

Commentary on Vista Security and the Microsoft Monopoly

This is right:

As Dan Geer has been saying for years, Microsoft has a bit of a problem. Either it stonewalls and pretends there is no security problem, which is what Vista does, by taking over your computer to force patches (and DRM) down its throat. Or you actually change the basic design and produce a secure operating system, which risks people wondering why they’re sticking with Windows and Microsoft, then? It turns out the former course may also result in the latter result:

If you fit Microsoft’s somewhat convoluted definition of poor, it still wants to lock you in, you might get rich enough to afford the full-priced stuff someday. It is at a dangerous crossroads, if its software bumps up the price of a computer by 100 per cent, people might look to alternatives.

That means no MeII DRM infection lock in, no mass migration to the newer Office obfuscated and patented file formats, and worse yet, people might utter the W word. Yes, you guessed it, ‘why’. People might ask why they are sticking with the MS lock in, and at that point, it is in deep trouble.

Monopolies eventually overreach themselves and die. Maybe it’s finally Microsoft’s time to die. That would decrease the risk to the rest of us.

Posted on April 27, 2007 at 7:03 AM • View Comments

VBootkit Bypasses Vista's Code Signing Mechanisms

Interesting work:

Experts say that the fundamental problem that this highlights is that every stage in Vista’s booting process works on blind faith that everything prior to it ran cleanly. The boot kit is therefore able to copy itself into the memory image even before Vista has booted and capture interrupt 13, which operating systems use for read access to sectors of hard drives, among other things.

This is not theoretical; VBootkit is actual code that demonstrates this.

Posted on April 3, 2007 at 12:51 PM • View Comments

Vista Activation Cracked by Brute Force

Interesting, assuming it’s true.

Posted on March 14, 2007 at 1:45 PM • View Comments

Windows for Warships

No, really:

The Type 45 destroyers now being launched will run Windows for Warships: and that’s not all. The attack submarine Torbay has been retrofitted with Microsoft-based command systems, and as time goes by the rest of the British submarine fleet will get the same treatment, including the Vanguard class (V class). The V boats carry the UK’s nuclear weapons and are armed with Trident ICBMs, tipped with multiple H-bomb warheads.

And here’s a related story about a software bug in the F-22 Raptor stealth fighter. It seems that the computer systems had problems flying West across the International Date Line. No word as to what operating system the computers were running.

EDITED TO ADD (2/27): Here’s a related article from 1998, involving Windows NT and the USS Yorktown.

Posted on February 26, 2007 at 3:07 PM • View Comments

UAC Security Hole in Vista

This is a good summary of the problem. If you want more details, look here.

What’s interesting is that Microsoft is positioning this as a trade-off between security and ease-of-use. That’s correct, of course, but it seems that someone made a bad decision in this regard.

Posted on February 19, 2007 at 7:26 AM • View Comments

DRM in Windows Vista

Windows Vista includes an array of “features” that you don’t want. These features will make your computer less reliable and less secure. They’ll make your computer less stable and run slower. They will cause technical support problems. They may even require you to upgrade some of your peripheral hardware and existing software. And these features won’t do anything useful. In fact, they’re working against you. They’re digital rights management (DRM) features built into Vista at the behest of the entertainment industry.

And you don’t get to refuse them.

The details are pretty geeky, but basically Microsoft has reworked a lot of the core operating system to add copy protection technology for new media formats like HD DVD and Blu-ray disks. Certain high-quality output paths—audio and video—are reserved for protected peripheral devices. Sometimes output quality is artificially degraded; sometimes output is prevented entirely. And Vista continuously spends CPU time monitoring itself, trying to figure out if you’re doing something that it thinks you shouldn’t. If it does, it limits functionality and in extreme cases restarts just the video subsystem. We still don’t know the exact details of all this, and how far-reaching it is, but it doesn’t look good.

Microsoft put all those functionality-crippling features into Vista because it wants to own the entertainment industry. This isn’t how Microsoft spins it, of course. It maintains that it has no choice, that it’s Hollywood that is demanding DRM in Windows in order to allow “premium content”—meaning, new movies that are still earning revenue—onto your computer. If Microsoft didn’t play along, it’d be relegated to second-class status as Hollywood pulled its support for the platform.

It’s all complete nonsense. Microsoft could have easily told the entertainment industry that it was not going to deliberately cripple its operating system, take it or leave it. With 95% of the operating system market, where else would Hollywood go? Sure, Big Media has been pushing DRM, but recently some—Sony after their 2005 debacle and now EMI Group—are having second thoughts.

What the entertainment companies are finally realizing is that DRM doesn’t work, and just annoys their customers. Like every other DRM system ever invented, Microsoft’s won’t keep the professional pirates from making copies of whatever they want. The DRM security in Vista was broken the day it was released. Sure, Microsoft will patch it, but the patched system will get broken as well. It’s an arms race, and the defenders can’t possibly win.

I believe that Microsoft knows this and also knows that it doesn’t matter. This isn’t about stopping pirates and the small percentage of people who download free movies from the Internet. This isn’t even about Microsoft satisfying its Hollywood customers at the expense of those of us paying for the privilege of using Vista. This is about the overwhelming majority of honest users and who owns the distribution channels to them. And while it may have started as a partnership, in the end Microsoft is going to end up locking the movie companies into selling content in its proprietary formats.

We saw this trick before; Apple pulled it on the recording industry. First iTunes worked in partnership with the major record labels to distribute content, but soon Warner Music’s CEO Edgar Bronfman Jr. found that he wasn’t able to dictate a pricing model to Steve Jobs. The same thing will happen here; after Vista is firmly entrenched in the marketplace, Sony’s Howard Stringer won’t be able to dictate pricing or terms to Bill Gates. This is a war for 21st-century movie distribution and, when the dust settles, Hollywood won’t know what hit them.

To be fair, just last week Steve Jobs publicly came out against DRM for music. It’s a reasonable business position, now that Apple controls the online music distribution market. But Jobs never mentioned movies, and he is the largest single shareholder in Disney. Talk is cheap. The real question is would he actually allow iTunes Music Store purchases to play on Microsoft or Sony players, or is this just a clever way of deflecting blame to the—already hated—music labels.

Microsoft is reaching for a much bigger prize than Apple: not just Hollywood, but also peripheral hardware vendors. Vista’s DRM will require driver developers to comply with all kinds of rules and be certified; otherwise, they won’t work. And Microsoft talks about expanding this to independent software vendors as well. It’s another war for control of the computer market.

Unfortunately, we users are caught in the crossfire. We are not only stuck with DRM systems that interfere with our legitimate fair-use rights for the content we buy, we’re stuck with DRM systems that interfere with all of our computer use—even the uses that have nothing to do with copyright.

I don’t see the market righting this wrong, because Microsoft’s monopoly position gives it much more power than we consumers can hope to have. It might not be as obvious as Microsoft using its operating system monopoly to kill Netscape and own the browser market, but it’s really no different. Microsoft’s entertainment market grab might further entrench its monopoly position, but it will cause serious damage to both the computer and entertainment industries. DRM is bad, both for consumers and for the entertainment industry: something the entertainment industry is just starting to realize, but Microsoft is still fighting. Some researchers think that this is the final straw that will drive Windows users to the competition, but I think the courts are necessary.

In the meantime, the only advice I can offer you is to not upgrade to Vista. It will be hard. Microsoft’s bundling deals with computer manufacturers mean that it will be increasingly hard not to get the new operating system with new computers. And Microsoft has some pretty deep pockets and can wait us all out if it wants to. Yes, some people will shift to Macintosh and some fewer number to Linux, but most of us are stuck on Windows. Still, if enough customers say no to Vista, the company might actually listen.

This essay originally appeared on Forbes.com.

EDITED TO ADD (2/23): Some commentary.

Posted on February 12, 2007 at 10:37 AM • View Comments