Microsoft Admits XP Has Same Bug As Win2K
Arashtamere sends in a Computerworld story on a security flaw in the Windows 2000 pseudo-random number generator published by Israeli researchers earlier this month. Microsoft has now admitted that the flaw is present in XP too. Microsoft denies that the bug is a security vulnerability, since an attacker would have to have gained administrative access to a system before exploiting it. (The Israeli researchers point out that many common exploits provide admin access.) This stance apparently lets them off the hook for patching Win2K, which is in "extended support" mode, though it powers about 9% of US and EU business computers. Microsoft said that XP SP3, due in the first half of next year, will fix the bug. The company said that Vista, Windows Server 2003 SP2, and the new Windows Server 2008 are not vulnerable.
stupid (Score:4, Insightful)
I have to agree with MS on this one... (Score:4, Insightful)
The paper referred to. (Score:5, Insightful)
I fail to see why you would need administrative privileges, however. You would only need to run in the userspace of the process that did run the random number generator before. Having administrative privs would be nice to inject code into that userspace, but is not needed, I think.
It can get even worse if, from a public key part, the random number that was used to generate it can be extracted, which was done in early SSL implementation attacks.
Re:I have to agree with MS on this one... (Score:4, Insightful)
History is full of examples, probably both within and out of the computing field where people thought that 'that' was impossible...
Re:I Post Anonymously (Score:0, Insightful)
As lots of people have commented, if you have admin rights you own the box.
Re:I have to agree with MS on this one... (Score:3, Insightful)
Most of the other ways to get to the passwords would leave a detectable trace, especially keyloggers. Or they need a reboot. If you're really after the user passwords, resetting them to something else is also not an option. AFAIK there is no other *easy* way to get a user's password from a locally exploitable Windows box, especially not if you cannot reboot it without being detected.
So in some cases, where a hacker with local access to a Windows box wants to have a user password without leaving a trace, an attack like this would be interesting.
I admit it's all a bit hypothetical... Still, it's not very nice to have a possible security hole like this and not patch it.
Naw. You just have to take a different approach. (Score:4, Insightful)
That is not 100% correct.
It is still a "security vulnerability".
It just cannot be exploited to increase your access on that machine.
That we know of. Today. So the code still needs to be patched. Security is not an "either / or" situation. You have to reduce the effectiveness of threats.
Open crypto algorithms; no fix for Win2K (Score:5, Insightful)
In any case, the thing that surprised me most from the article was that Windows 2000 users would be left out in the cold: "Because the company has determined that the PRNG problem is not a security vulnerability, it is unlikely to provide a patch [for Win2K]." Wow. Especially when it's something this easy to fix. This bug also solves any attacker's problem of trying to sort valuable from non-valuable information, since presumably any valuable information (credit cards used online, etc) will use encryption. And while someone suggested that a program should use its own random number generator, there is a problem because, in general, your application (not running as Admin) shouldn't have access to nearly the same amount of entropy sources (like network activity, GUI inputs, etc).
Re:I Post Anonymously (Score:3, Insightful)
They also could have worded this a lot more diplomatically than they did. So yes, the GP is flamebait.
Re:I have to agree with MS on this one... (Score:1, Insightful)
Re:Open crypto algorithms; no fix for Win2K (Score:1, Insightful)
OTOH, Linux, OpenSSH and OpenSSL only run in Intel 80386 IBM branded hardware in Medieval English, so providing a more secure implementation is waaaaay simpler.
Re:I have to agree with MS on this one... (Score:2, Insightful)
"At the moment we know of no way to abuse this bug without already having obtained Administrative access."
I will almost bet money that there is a smart bugger out there who will find a way to abuse this.
That we don't know of a feasible attack right now is no excuse not to fix the bug IMHO.
Re:I have to agree with MS on this one... (Score:5, Insightful)
Many corporate computers have local admin accounts that are likely to share a user/password combo across large numbers of machines. A keylogger might not get you these credentials, but the ability to crack these credentials could get you admin access to a huge number of other computers.
It is people like you who make sure that security consultants will never want for work.
Re:I have to agree with MS on this one... (Score:4, Insightful)
Re:stupid (Score:4, Insightful)
This was the point of palladium, that the keys would be locked up inside a separate box, segregated from the processor. Each process would only manipulate opaque handles to the keys.
One nice aspect of this attack is that if you gain admin access after key generation, but before the entropy pool is refreshed then you can play back the state of the random number generator to recreate the keys after the fact. But this just extends the window slightly, you still need an exploit to get admin first.
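The state replay described in the comment above, as an added example that is not part of the thread and not Microsoft's code: a toy generator with a reversible state update next to one whose update is a one-way hash with a reseed step. The constants, class names, seed and entropy string are constructed for illustration and do not reproduce the Windows generator.

```python
import hashlib

MASK = (1 << 64) - 1
A, C = 6364136223846793005, 1442695040888963407  # toy constants; A is odd, so invertible mod 2**64
A_INV = pow(A, -1, 1 << 64)

def _h(tag: bytes, state: int, extra: bytes = b"") -> bytes:
    return hashlib.sha256(tag + state.to_bytes(32, "big") + extra).digest()

class ReversibleGen:
    """State update is invertible: a captured state reveals earlier states."""
    def __init__(self, seed: int):
        self.state = seed & MASK
    def next(self) -> bytes:
        self.state = (A * self.state + C) & MASK
        return _h(b"out", self.state)[:16]

class RatchetGen:
    """State update is a one-way hash: a captured state only predicts forward."""
    def __init__(self, state: int):
        self.state = state
    def next(self) -> bytes:
        self.state = int.from_bytes(_h(b"step", self.state), "big")
        return _h(b"out", self.state)[:16]
    def reseed(self, entropy: bytes) -> None:
        self.state = int.from_bytes(_h(b"seed", self.state, entropy), "big")

def rewind(captured_state: int, count: int) -> list:
    """Recompute the last `count` ReversibleGen outputs from the current state."""
    outputs, s = [], captured_state
    for _ in range(count):
        outputs.append(_h(b"out", s)[:16])
        s = (A_INV * (s - C)) & MASK      # undo one state update
    return outputs[::-1]

def demo():
    gen = ReversibleGen(0x5EED)                     # constructed seed
    keys = [gen.next() for _ in range(3)]           # outputs produced before the state leaks
    replayed = rewind(gen.state, 3) == keys         # later state snapshot recreates them

    system = RatchetGen(0x5EED)
    system.next()
    clone = RatchetGen(system.state)                # snapshot taken after the first output
    predicted = clone.next() == system.next()       # still predictable going forward
    system.reseed(b"constructed fresh entropy")
    after_reseed = clone.next() == system.next()    # fresh entropy ends the window
    return replayed, predicted, after_reseed

if __name__ == "__main__":
    print(demo())
```

The one-way update removes the backward replay; only the reseed closes the forward window, which is why both properties matter for a system generator.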
This is Why Open Source is Good. (Score:5, Insightful)
No worries about whether or not it's even legal to fix a machine that I'm using to run my business.
Re:THe paper refered to. (Score:4, Insightful)
Theoretically, one would need knowledge of just one TCP sequence number, and then it could generate the future sequence numbers coming out of the box. Therefore one would be able to hijack TCP/IP sessions *much* faster and easier than before.
Anyone know to the contrary?
Re:I have to agree with MS on this one... (Score:3, Insightful)
You use the same password on other machines (Score:3, Insightful)
Re:Open crypto algorithms; no fix for Win2K (Score:3, Insightful)
Re:Open crypto algorithms; no fix for Win2K (Score:3, Insightful)
(Well MAYBE Debian...)
Most of them crap out after 12 months!
Re:I have to agree with MS on this one... (Score:3, Insightful)
Re:I have to agree with MS on this one... (Score:3, Insightful)
Plenty of people call Microsoft M$. Personally I prefer calling them MicroShite but that is my preference.
Twitter also occasionally makes some valid points in some of his posts but who cares about facts when you can just slag someone off without taking the time to exercise your brain.
I am not saying that Linux is perfect, it pisses me off just as regularly as Windows does but at least with Linux I can do something about it like commit a patch. With Windows I might as well just lump it as there is nothing I can do to help remedy the situation.
This is what a lot of Windows and Apple fan boys miss. Linux does not annoy as many coders as we feel we can remedy the things about said OS that annoy us, whereas with Windows there is the feeling of complete powerlessness to fix problems even if you can isolate exactly what causes them. For anyone who programs computers, relies on them to work and encounters the same bug regularly this becomes tremendously frustrating as it prevents true self-reliance.
To come up with a car analogy it is like having to pay for a cab regularly because your car is constantly in the auto shop getting repaired for an issue you could fix if only it would not void your warranty.
Re:I have to agree with MS on this one... (Score:2, Insightful)
Yes.
Yes.
Terms like M$, Linuzzz etc. amount to petty, schoolyard name-calling. Useful dialog is only diminished by them.