XP2 Spotted In The Wild 634
LostCluster writes "WinXP SP2 has just been released to the public via Automatic Update, but eWeek and PC Magazine are together reporting that Windows XP SP2's 'Windows Security Center' is just about as insecure as it could possibly be. According to them, any program (including ActiveX controls) can access and edit the Windows Management Instrumentation database, and therefore spoof the security status of an insecure box to report that it is properly secured."
Leave it to microsoft (Score:5, Interesting)
Scary stuff. (Score:5, Interesting)
Step 2: Drag the scrollbar down a bit and let go
Step 3: Start -> Programs -> Startup
That's just spooky.
Incorrectly report, but change? (Score:4, Interesting)
What I've yet to see is any indication that its possible to actually do the turning off of things, which would be rather more serious.
As it is, surely the only problem is if you forget that you turned something off? I've no big plans to make my box insecure now I've done configuring it on installation.
UA String any different? (Score:4, Interesting)
Re:Scary stuff. (Score:2, Interesting)
Re:Internet Meltdown Predicted for Today (Score:3, Interesting)
You know what I got from the article was:
It will now be easy for people/code to exploit a new vulnerability in Windows allowing (insert favorite action taken after an exploit is found HERE).
Umm, I saw this coming, I mean it's 10am where I am right now and I haven't heard about today's exploit yet.
In all seriousness Joe Computer needs to stop trusting Microsoft to do everything in his computer. Their idea of shouting "HEY STUPID get an anti-virus program" isn't a bad idea. The implementation was, but the idea isn't. From what I've read SP2 is a slight improvement security wise, so for Joe User all security updates are worth installing. (Joe User just normally doesn't ever run Windows Update. Think of the last time some relative called you with a computer problem!
"You: Did you try doing the 'Windows Update'?" - Relative: "Where's that?" -I rest my case.)
I'd rather the 14 million drone machines out there in the wild had XP2, then not.
Re:I'm sorry, were you expecting better? (Score:2, Interesting)
Re:Close it anyway MSFT or stop the default Admins (Score:5, Interesting)
Linux, I feel, has a better system at the moment. However, as this is the developers fault, I see no reason why linux would be immune from this problem.
Actually, no... (Score:3, Interesting)
I don't consider that to be a non-problem, nor do I consider it to be more secure. It's definitely not secure enough to be allowed exposure to critical infrastructure of any kind.
I don't think anything can be done. (Score:5, Interesting)
I've always criticised Linux users for being sloppy and the like, but the operating system itself is at least rock solid. It rarely crashes, it has a decent windowing system, and I don't see advisories for it on Bugtraq every 8 hours. Windows is easy to install, but it's all too easy for someone else to compromise. Ease of use is nice, but I think I'll take peace of mind with GNOME on Fedora Core.
Re:Actually, no... (Score:1, Interesting)
The catch is this: most of the modern windows 'sploits aren't buffer overruns into non-executable memory, they're just malware using the MS application tools like ActiveX.
So, it is probably true that the Microsoft kernel is more secure than the Linux kernel. The respective operating systems, viewed from a holistic perspective, may not be.
Re:UA String any different? (Score:3, Interesting)
VB CODE IN YOUR FACE
Wscript.echo "Service Pack: " & objOperatingSystem.ServicePackMajorVersion _ & "." & objOperatingSystem.ServicePackMinorVersion
I almost used the BLINK tags for that one
Re:Need root? (Score:3, Interesting)
Simple. Force them not to. When my family got a new PC, I immediately dumped XP Home and put on XP Pro. I set up myself with the Admin account and gave everyone else Limited User accounts.
If they want to install software, tough. They have to go though me first. Just like at work.
Re:I'm sorry, were you expecting better? (Score:5, Interesting)
I fail to see... (Score:2, Interesting)
So it tells you the firewall is up when it 'may' be down. If you can't remember wether you put it up or not, PUT IT UP ANYWAYS DUMBASSES!! (Not that I'd trust a Windows Personal Firewall anyways - wasn't UPnP supposed to revolutionize something?)
This is a training issue. Just as anyone who hasn't used Linux before would need help setting it up, anyone using Windows will need to know how to not be a dumbass; 99% of all security issues I've come across could've been prevented with liberal application of common sense.
Re:SP2 - as secure as any linux distro... (Score:5, Interesting)
Seriously, this Security Console is a good example. "What if somebody could tell if their machine was secure just by opening a control panel?" That's a very good idea -- but it will take at least a year to develop something like this that actually works well enough to be a part of windows. In the meantime, they shake and bake something so people know they're working on it.
This is the Microsoft equivalent of Sourceforge Development Status 1. It's a dog and pony panel that will undoubtedly be replaced by something good in the future -- but by that time, most of the industry will have lost all trust in it.
Such is the case with IIS 6. It's actually pretty good, according to a lot of web programmers I know, but I just don't trust it -- to the point that I'm considering not using C# for impending web projects despite having a massive C# codebase. MS would have to go VERY far to get that trust back, and make a security leap similar to the UI leap they made from 3.1 to 95 or the stability leap they made from 98 to 2000.
Re:SP2 - as secure as any linux distro... (Score:5, Interesting)
It drops an executable into the Startup folder for the *user*. In other words, no root privledge is ever exercised, and the app would likely do nothing on a correctly-configured box (the worst malware can do running as non-root is wipe a user's directory -- same as in Linux or any other OS with similar permissions). Learn about security before you comment on it, please.
Re:Oh my god! (Score:1, Interesting)
Try an infinite number of CreateProcess calls on windows. You think forkbombs are bad, you try to find the process limit setting in Windows...
Not running as admin is all that matters? Not so. (Score:4, Interesting)
Sure, running as ADMIN is almost stupid and multiplies your chances of being 0wned by large. But its not the only source of being 0wned as people said above. As long as I remember, IIS (along with Sendmail, Bind, IE and some others) where considered the worst software in terms of security in the SANS Institute list. Break-ins are common in these softwares and would grant you good priviledges for doing some nasty things.
Just to be fair the same can happen in Linux/Unix but it's a bit less easy to do it. And you can always run an UserMode Linux, for example, and host the application inside it which would turn the host system almost invunerable and this is quite difficult to do in Windows (I can only think of VMWARE). Normally people are a little better educated to not use root in daily use and every installation program of recent distros explicit says it.
Bad Logic From Microsoft (Score:5, Interesting)
They bypass this obvious lack of security as a feature, and that the application is rather to serve as an extra barrier of obscurity to hackers, and not as a solution to the problem (which it will ultimately be marketed as.)
This unfortunately isn't an adequate mentality. Microsoft appear to make the mistake to think that hackers are as technically challenged as their regular home user base.
Yes! certainly a home user wouldn't be able to craft some accidental software that rips a hole through the new security centre features. However, hackers which discover holes in Windows (Without ever seeing the source code.) have the competency to add the extra layers of dodging to their worms. This it at Microsoft's peril, as now worms can fool a system into reporting that everything is fine, in turn fooling the technically challenged home user into also thinking, that their new DDoS server is also functioning without a hitch.
Microsoft needs to understand that hackers are significantly "gifted" in comparison to their regular user base (many of which who'd think Mac OS X is another version of Windows.) They must craft their security devices such that they can not be trivially undermined, and put an end to the assumption that more easily bypassed road blocks lead to greater security.
Re:SP2 - as secure as any linux distro... (Score:5, Interesting)
First, let me assume you didn't mean what you said. What you *did* say doesn't make sense, as the only way for a system to run with less privileges would be for it to not even have a System Administrator account while leaving some other system with that authority. That sort of top-down authority over PCs seems quite out there for all sorts of reasons.
So, lets assume you mean "the main problem is users running with more privileges than they need". The problem at core then is *why* they run at higher privilege than necessary. Part of the reason is that Run As and the like are not inconvenient and just not well known. In the process of making the system more "user friendly" Run As and ilk aren't at all discussed. In fact, users added at install are given power user (which can do all sorts of nasty things to applications) or administrator power.
For the complete naive (or to overcome various limitations to Windows sessions, like not being able to do persistent apps in the background (dialup users on at least Win 2k (and possibly Win XP, though having not used it in that capacity I couldn't say), you know what I'm talking about)), this means having one account open either all the time or possible on auto-login. For the less naive (or users who can figure ways to overcome the limitations of Windows), you'll create multiple users, but then all users can still screw up the entire machine with *anything* they run. Yes, physical access does mean you can 0wn a box, but like you pointed out with so many buggy programs it also means very much that non-physical access can 0wn the box too.
My point in all this is, even users who *try* to do some security are still fucked over thanks to MS opting for ease of use and "usability" over reducing privileges, finding a better way to have someone admin the box (and watch users flee when they realize they have to do work; oh, but it's better to go under the MS banner of low/no maintainance, turn a blind eye to the reality that most PC software needs maintained, then moan to all your techie friends that your computer is so slow, keeps crashing, etc), and teaching the user how to run the few necessary programs in "less-secure" mode (anything automatic short of extensive hashing will end up being spoofed and exploited all over, so it's better to rely on the user) while making sure Windows itself is actually designed to handle multiple people using a machine.
But, all those stack protectors should slow down those hackers, hopefully (well, assuming they're done at runtime in a staggard approach to avoid a whole cluster of near-identical hardware all producing the same value; the last thing you want is something predictable), which is at least some small consolation for those who actually update their machine...
Ask Slashdot... (Score:2, Interesting)
I was about to Ask Slashdot about wherever it is relevant to upgrade XP to SP2 given the fact that:
Seeing all the potential problems XP SP2 can bring in, is it worth the update?
What do you guys think?
Re:Close it anyway MSFT or stop the default Admins (Score:3, Interesting)
I got my sister (15, and understands precisely nothing technical about computers), after much yelling, screaming, and misunderstanding (this one mostly on my part), to use an unprivledged user for normal work and to make changes and install as Administrator.
That said, not only are default accounts admins, but you cannot only have unprivledged accounts; you must have a named admin in addition to Administrator. Very dumb.
Re:this is surprising? (Score:1, Interesting)
I notice you avoid the comment virus updates. That in itself is almost enough impetus to switch to Linux: not having to constantly worry about becoming a victim of the newest strains floating around on the Internet and in e-mails.
Re:SP2 - as secure as any linux distro... (Score:4, Interesting)
Heck, for all those cases when a program doesn't need to really be run as admin, Windows could sandbox the program in a pseudo-root and continue to let the program run in such a limited state (which developers might end up trying to work around instead of fixing the inherent problem, but that's a whole other point). There's also the possibility of making up "roles" for users and programs either by default (to further limit, not expand privilege) or easily accessible.
The fact is, Microsoft hadn't until XP SP2 made any measurable attempt to mitigate the security risk to users. And even now, XP SP2 still is more reliant on filtering out possibly bad content and auto updating than educating the user and giving them options to help to secure their setup (auto update and filtering can be good things, don't get me wrong, but they're not end-all solutions and are only stop gaps to a bigger problem). Something like email viruses probably won't stop until a heavy dose of educating the user enough to not run viruses and some degree of lobotomize the system enough to never run a virus.
So, a lot of the problem is still MS's (it's their email client for the most part and their OS which has to be lobotomized to support not running viruses). I'd also say they're pretty well required to teach the user security, given this is a new computer and security is really a key concept an internet connected user needs to understand. But, as part of MS's quest for a stable system for the home user, MS really slacked off over the issue of telling the user they'd have to be admin and they really do need to learn a lot of things if they want their system to continue running smoothly; and it can't be that MS was unaware that security was at all an issue because there actually *are* user accounts and lower privileges in NT/2K/XP; MS just decided to ignore the issue in favor of making it easier on the user who was adding programs. Making it more complex by forcing users to learn security in the short term was less marketable than progressively dealing with security flaws later as well as just crappy design decisions such as leaving various services on and exposed to what would almost certainly be the internet.
Whew..that was a lot to write. And with all my bitching about Windows, I can't say I've personally used any other OS which does a good job of educating the user on what *not* to do while providing them ways to mitigate the possible damage on questionable programs that demand more privilege than they probably deserve (I haven't used OS X, so I can't speak for it; I used be a Windows user but now am a Linux user (except when I admin my mom's machine)). The issue of how to make administrating understandable and easy enough that all home users (or a few, given how much of a pain it is to have to get off every N minutes so someone else can properly install an app or whatever) are both willing and able to do the task is no small order. The fact that MS has for years pushed MS as "great" at administrating when it's only at best marginally better (it's a lot easier to do the granular ACL than doing various crazy groupings) really shows what's true of most companies: they're run more by marketers than engineers. The amount of work necessary to make administrating something anyone is *willing* to do is pretty mind boggling (just look up various research, or contemplate the issue of hundreds of programs, a few users, and how to make sure each program can't do harm to anything even if it *wants* to without pissing off said few users). Windows really isn't the right tool for the job; sadly no tool I know of is yet nor do I think ever will be ready. So, shall Microsoft rent out really cheap admins to everyone to improve security?
Re:SP2 - as secure as any linux distro... (Score:2, Interesting)
<marketing drone>Actually, marketing is all about "adding customer value". So of course, we (Microsoft) are adding value by allowing our customers to more easily see whether their computer has been compromised yet."</marketing drone>
And yes, if you can't tell, I just took a marketing class, yes it was a waste of time, and yes I'll be poking fun at it for years.
Re:SP2 - as secure as any linux distro... (Score:3, Interesting)
Essentially, Microsoft has done the best they can in their position. And it is a very good step forward. Yes, any ActiveX control can mess with the firewall settings, but heck, any ActiveX control can do whatever it wants, including damage far beyond messing with your firewall settings. Once any attack has succeeded on your system, you are 0wn3d, whether or not the attack can mess with your security panel.
As far as IIS goes -- please examine the exploit records. Both Apache and IIS have had exploits against them. The IIS exploits get more press because there is a finger to point, but Apache, PHP, etc. certainly don't have a clean record either. IIS versions prior to 6 have had several notable problems, but IIS 6 has an excellent track record for the time it has been available, even better than Apache in the same time period. Go with what will get your project done best in the least amount of time, then stay up to date on the patches.