[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: WINDOWS NT ????
On Fri, 04 Oct 1996 17:43:52 -0700, John Fricker wrote:
>>> is Windows NT secured system ?
>>Windows 4.x moves the graphics/windowing system into Ring 0,
>>where the "secure" parts of the kernel are. Bad.
>>This means graphics bugs can make the kernel insecure or crash.
>>I don't trust it, especially because Windows 3.1 crashes all the time
>>for me, and stupid bugs make Windows 3.1 behave badly for me.
>>So if they put the window system in the kernel, I don't trust it.
>>End of message
>Buggy video drivers though can bring the system down.
This is 99% of the problems with any modern operating system: drivers written
by Juanito's House of Taiwanese Software.
>But this does not affect security, only stability.
>Security in NT can be defeated by any clever, out of work, bored, NT device driver author >who brews up a stealth device driver replacement (perhaps a COM port improvement) that >could run amok on the file system or basically do anything. Of course, any clever device >driver developer is making enough money to not be bored nor even consider writing a >backdoor into a driver. Right?
Doctor Dobb's had an article (with source) that demonstrated a driver that
gave full access to *EVERY* application running on an NT box. They also
showed how it could be limited to a single application. I believe the
source is on their web site...
# Chris Adams <[email protected]> | http://www.io-online.com/adamsc/adamsc.htp
# <[email protected]> | send mail with subject "send PGPKEY"
"That's our advantage at Microsoft; we set the standards and we can change them."
--- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review editorial)