Vista and Vigilance
section: windows, for your questions: KezNews forum, 1.10.2007
This is what the BlueHat Security Briefings said: "I have been told that I can write a blog entry for the BlueHat blog, with little or no editing, and now I sit here and have to make up something interesting to write about.
I have a bit of a writer's block today, caused by being tired, jetlagged, and already halfway on my way to the airport for my flight back. Also, the first draft of my blog post tried to be witty, and failed spectacularly at that.
BlueHat is an interesting event – it's quite enlightening to talk to the people here. MS usually has problems to solve that are larger (and by extension more interesting) than most other companies. One has to admit that Vista is arguably the most secure closed-source OS available on the market. Microsoft did do a good job at addressing the issues of previous Windows versions. Progress on all fronts has been achieved, and MS is probably better than any other closed-source software vendor when it comes to the security of their products.
This makes it difficult for attackers. The cost of developing an exploit for Vista is significantly higher than for any previous version. As a result, I think that most of the security researchers will move on to greener pastures for a while. Why try to chase a difficult overflow out of Vista when you have Acrobat Reader installed, some Antivirus software with shoddy file parsing, and the latest iTunes?
I expect only a small number of remotely exploitable vulnerabilities in Vista. We will see everybody else getting hammered though. But, for a while, there will be (relative) quiet and calm in Redmond. It is important to keep in mind though that everybody is just waiting for Microsoft to become complacent again. Secretly, all attackers are hoping that Vista will be a failure, security spending will be scaled back and nobody will attempt to build a secure mainstream OS again.
Let's wait and see where this goes. It was fun being here, and I hope that I will be back at some point in the future."
source: bink.nu
Comments(2)
It's Mac who puts Windows at risk by crackers (not hackers). Mac's pathetic Safari ie and iTunes allow crackers to get into Windows and use it to their advantage, saying MS is not secure.
Halvar Flake (the author of the blog) is on crack, there's no doubt about it.
"One has to admit that Vista is arguably the most secure closed-source OS available on the market."
Obviously, this guy has never heard of OpenVMS, HP-UX, AIX, etc.
"Microsoft did do a good job at addressing the issues of previous Windows versions."
What were the issues of previous versions? Let's hear from the horse's mouth.
Microsoft tells its customers that there are 4 steps to protect a computer: turning on a firewall, installing updates, using an antivirus and having an antispyware. It's funny that only the first two steps apply to other closed-source operating systems. After 20 years of existence, Windows is still plagued by viruses and spyware. That's impressive indeed.
What about data integrity? Most operating systems (including the closed-source ones) deal with fragmentation in the background. That's not the case with Vista: its defragmenter was deemed inefficient and slow (Google is your friend here). It is advised to use a third-party program. On the Raxco website, we can see that Vista's defragmenter has only 5 of the 21 features of PerfectDisk 8. Some people even suggest to use JkDefrag, a tool written by an individual. Congratulations Microsoft: with billions of dollars in the bank and thousands of employees, you can't do better than a one-man crew.
Let's turn to another staple of Vista: User Account Control. Despite what Microsoft says, quite many people consider UAC to be security by pop-up.
It's a shame that Halvar Flake's nonsense appeared alongside the piece written by Rain Forest Puppy, a well respected security researcher. It's even more embarrassing to read it on KezNews.
Well said. It's not MS, it's the shoddy 3rd party programs-MAC SoftW
By Will on 02.10.2007 - 11:10