[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: WINDOWS NT ????



On Fri, 04 Oct 1996 17:43:52 -0700, John Fricker wrote:

>>> is Windows NT secured system ?

>>Windows 4.x moves the graphics/windowing system into Ring 0,
>>where the "secure" parts of the kernel are.  Bad.
>>This means graphics bugs can make the kernel insecure or crash.
>>I don't trust it, especially because Windows 3.1 crashes all the time
>>for me, and stupid bugs make Windows 3.1 behave badly for me.
>>So if they put the window system in the kernel, I don't trust it.
>>End of message

>Buggy video drivers though can bring the system down. 
This is 99% of the problems with any modern operating system: drivers written
by Juanito's House of Taiwanese Software.
>But this does not affect security, only stability.

>Security in NT can be defeated by any clever, out of work, bored, NT device driver author >who brews up a stealth device driver replacement (perhaps a COM port improvement) that >could run amok on the file system or basically do anything. Of course, any clever device >driver developer is making enough money to not be bored nor even consider writing a >backdoor into a driver. Right?

Doctor Dobb's had an article (with source) that demonstrated a driver that
gave full access to *EVERY* application running on an NT box.   They also
showed how it could be limited to a single application.   I believe the
source is on their web site...

#  Chris Adams <[email protected]>   | http://www.io-online.com/adamsc/adamsc.htp
#  <[email protected]>		 | send mail with subject "send PGPKEY"
"That's our advantage at Microsoft; we set the standards and we can change them."
   --- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review editorial)