Various Vista Concerns
I ran across a couple of stories in the last day or two that got me thinking about how much of security relies on assumptions that aren't necessarily always validated (remember Ronald Reagan's old adage "Trust, but verify"?). The first one is this story from Blackhat Amsterdam about VBootkit. The key quote from the story is "Experts say that the fundamental problem that this highlights is that every stage in Vista's booting process works on blind faith that everything prior to it ran cleanly." The other one was this story from one of the guys at CERIAS at Purdue about the introduction of symbolic links in Vista. Frankly, I haven't paid enough attention to Vista yet, to realize they had added symbolic links and I don't program for Windows, but having been a programmer in a previous life, the possible implications of this one jumped out at me. Further, I suspect that, all too soon, we'll be seeing all the race conditions with symlinks in Vista that we've seen in Unix/Linux over the years. The more things change, the more things stay the same, huh?!
Keywords:
0 comment(s)
My next class:
LINUX Incident Response and Threat Hunting | Online | US Eastern | Jan 29th - Feb 3rd 2025 |
×
Diary Archives
Comments