Windows - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Windows


Vistas Fortified Kernel Could Trouble Third-Party Apps



 By: Matt Hines
2006-08-10
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Windows story.


  Table of Contents:
  1. Vistas Fortified Kernel Could Trouble Third-Party Apps
  2. ' Competition '

Rate This Article:
Poor Best
Vistas Fortified Kernel Could Trouble Third-Party Apps
( Page 1 of 2 )

Researchers at anti-virus market leader Symantec join those who contend that security features built into Vista's kernel could retard innovation of new desktop defense technologies, and other aftermarket Windows applications.

Researchers at Symantec are questioning whether security modifications added to the kernel of Microsofts Vista operating system could prevent the anti-virus company, and other third-party software makers, from enjoying the same level of integration theyve enjoyed with previous Windows operating systems.

As part of a research effort examining the next-generation operating systems kernel, the softwares very core, Symantecs analysts have been led to believe that Microsofts work to better protect the product may impede innovation by other security applications vendors.

At least one other company, consumer firewall software maker Agnitum, has also complained publicly that Vista wont allow the same level of kernel-access as earlier iterations of Windows.

If the assertion, which is based on assessments of beta versions of Vista, proves true in the final product, Cupertino, Calif.-based Symantec and other aftermarket Windows software makers could be challenged to advance their products as quickly as they have in years passed, researchers said.

Resource Library:

"The challenge we have is that these technologies eliminate the potential for third parties to extend enhancements to the kernel," said Oliver Friedrichs, director of emerging technologies for Symantecs Security Response team.

"Weve traditionally used to this method to add security technologies into the kernel; with some of these new technologies, any tampering or modification to kernel will result in a blue screen, which means we cant use it."

Friedrichs and his team specifically identified one kernel modification used in the 64-bit version of Vista that could prove troublesome in such a manner.

The operating systems PatchGuard technology, which promises to prevent non-Microsoft programs from patching the Vista kernel, could make it impossible for Symantecs security applications to intercept system commands and protect users against certain types of malicious content, the researcher said.

"By hooking systems calls, we can see data passing through to the kernel and help protect against anything malicious," said Friedrichs.

Click here to read more about Vista kernel security issues.

"We have the alternative mechanisms that Microsoft has added to support this, but it limits the innovation we can make via kernel extensions in the future; there may also be new security technologies that evolve that need to access the kernel to do their job."

While Symantec roundly praises an overwhelming majority of the work Microsoft has done to improve the security of Vista, both in the kernel and throughout the product, the limited ability to integrate directly with the OS on its most fundamental level will cost third party Windows applications vendors in the long run, he said.

Friedrichs and other development experts at Symantec, the Windows anti-virus market leader and a longtime Microsoft partner, have publicly dissected beta versions of Vista, issuing a series of three reports identifying potential vulnerabilities in the software.

At the same time, the Symantec researchers have lauded Microsofts efforts, including its work to reduce vulnerabilities in the much-awaited operating systems underlying code base.

In their latest Vista report, Symantec researchers examined a series of technological modifications made to the operating systems kernel in the name of boosting security of desktop systems that will run the OS.

The review repeatedly praises the job Microsoft has done in creating a more secure system, including the addition of stricter requirements for types of software drivers that can be downloaded directly onto Vista PCs and the ability to monitor traffic with the kernel for suspicious activity.

The report also praises the Vista kernels onboard code integrity checks, support for a secure boot up mode, and the ability to restrict access to a Vista desktops physical memory.

The critique identifies only one potential kernel issue that the researchers contend could be circumvented to form an attack, related to the driver-signing and code scanning features.

Next Page: Competition.





  Reader Comments: Vistas Fortified Kernel Could Trouble Third-Party Apps
>>> Be the FIRST to comment on this article!
 


 
 
>>> More Windows Articles          >>> More By Matt Hines
 


xv㶲 ;^+(ߎ1ŋ[%r[mR=--$MR$_9k^bq&K9Nږ*T B?[[~$rəkmJ9D[[?.ЇP|kQPo2t=zR m)>M3i +45Gl&J~x'AT{j" xL5 Κmٚc7h2 Xm$(d{9BeI {6 !%2K;#?+B]2IXߦuɷ~{Xe;7 CxKd/B(?F#c8CN̚?n=3τPcwҴ@Sա*v25vk.6^ ;4 ȅ׳]z$nRvnٸ@d`jI:@:"4nC6S!p z08juj=jfO-{n_w$z(֛z$=+~bArxưaIH|6XB?yyN g uȭB¿{yAסn\=w{do&A0[b6Z [@ظ?0 $hGGeOuhs 2 dþJeW+~V*}xxk9{ۖ3p*sgEÝ6_{JU4E=wN. $(֝k0$򺮕]e=;yؼ} _wD߀j0QEVKi|/ Z@߯fN{!x[^ wKk%٥o$Y3)2,"t#>//.;6O.;cd̲6<ZMӀ Zvb!?XW㣫kQGs!+|q!5M0\ܱ:֪׷VxiuHz>54Y01\]^Jj=2OG6ŧ!)H|U:vJ {[-t[RH }zc)!,_ f kķLJo$SNE ;- uͪ5Vi/z[PĿ G/<@'L[7!p3Z&T23=MH=k 3!RBʼwĿIK _^P*B-)\Dh+Ԝ$ٛ"Gn;ž_"ʥcp1S{fwsQ iغ\28>]7kDm.-s5-wbzaZVpx3n[O#һ>aUb}PhvZM]qsuTS_tjt ?JjexQUW, F_̶#ؠS&s;(<|0 @>/tϧԴPwP?: M/E˥yb1@ Lna x;p|w-v1s/|\aR֔FA=H:}mP`5$ǎC-ߟL s#08w ɍ5E0f+wEPbL;TM}PCn@ }S(r`@YS9ݲeǀxԜлu%w2J}g>] #RRR$S'hI#r Bг,`@o%`{`[X;w;.V+\y"*u':Nݱ;P+Jx&S,BV-KᗄPf%i2mlƪń(VFN|(0Vn)MKϵ(";jl>r GlCp2hBJmHw6qGJ[Y*,aRhj]VL-F*|( +#NWɅkOg,.,Kq{yMٕ[RTjFd>l '[arShfh:l}E>tZA_`֚NfjE)jL$P/#[յ /Q+wڶ{Ot]QG= XZ: 9y4hS̢±5j1|jj0&B$Vũ(l^xT}uxN`#\rW["LJ}=Nݡe5u6$\]Rj)nSLZ06AaeL䱯^t@FM@X G\dA3`АBrIa XWkSZ//' 7]@.&D~Ê?DNQcG=.C+DÜU^oVw/$ZTbrxCj_VkqvJ.wq)4 l2{/Ne6Z/^Qz=gn %=s3/'x &1h'0)o@|V_>^Ik01Sle`Sxt( b*亢#?݀εl.Џ]vMtAkZ, ܠɠ 0Դ'KZ/V-.W` >N#1hh 05-tpCUjʾ_QWc7g)h"QkF&:FdHtΈ+6RЎT:*f 8՟nF*eY[ў#WX tV ЛiQ~cV Ն'y>+bIgV`]br[|8.coJ~ Qby2UA#d߈z+G:Jr seb@m"^i/_&c2 s*?.ʀjӘG2gdYhVz\ ;s}cLBΊMo 4y̔Qʃ",߸X֪̾^`3X畔Z7lz |i6tGM4:Բxkc}Z2:j1RʵRM( BDDwJZlmM l⊗qoʠ͹g7gkX?"B5`J$¸_v^Iў@>b2at53uA8fS}qlyVC6fĺ}acMٸU V|eZ]J֟D'zu0|aߋ uRԣ{{ћY GL)߭q*9WIfT-kZb[Ԫ>"gi!`\ߩbxEOp?l]^*n d9#T`| @`'d1s<ēo -"ԄֿwLaV*7xo~!RȓC$ |*͸ DY1a}^f}r|8G)zev%<49?jG*V%?\v?Iև6?eF&[fB, 8oIŸ}vhu?Hm}#4-dhD4|wιa{Oy[J:^7' N;XF>9֒\zB_ɾj,49Aϐa6~& ېck#~uYLPH2X>ae_HR ~tQwqN .V_$ZCAnp+z!NU HE*4ДK%IA%-x<|-rHEɉ|ml/Er}C6j'i^3_;w jE%pXISB9oթ-pOӚO|B^J;D^2v?IkuYX[MfAS:%ə$E=)jZ$jRSfj# $_2 I,v+2B:Tz} gaM&mn2gjt>l6Dr0@u\f0 `qNÉ@P V^ QגZ4ҫo%˫؉OJޣlj9l0`&09)rq ]4[twXC:Q$g.sFnxwĎ+^@(NVp2kx'k_Y.t0o89]#֣d-tWcT'c塺1!ݣkѧ@â ln ~]j.9Gq,\Y3 Zt UdaRxa9~hSr9nNK:?5L0c,H~"#|$~1xvFMzuS意G 95+gE S7gN{m,da3fo?c[~; ?--8tǠQCRJ1&ZQP**sᔤSǔW> @Xd1җ30d&'a=K=#tzooo=إ֛%Zl놟2d]rV*ZUٕ"yg/v2q0FάqŸB02Kn>7DF%5O@)B]M1uoĽub>w~ŇƊo jhEUJÖmK&T7[٥ zLZx’Yc+mҚRq^.x+j-5$,'{-rNoQ{cn>/<$Ja+Oam/yw&܍Ln}{+`aʖ(,1J1Lx0cȂoe 9p;D7`y$(p,IGo89 [bwه[$P;ړJݞHg 2uQڗ (IIUK9L!qۋz1gy ]<T 4F|+˗Kwt6g饗 O]jbRa#-%Tl˜,X6s , |^eZh>P[{:<Ed`ܴE>3Z#DFK"I\$RCxrN8>R#g@)Qdh> 'gUҺW}YPT !A/ԘD9JOЋA凤Pcr^,(r,F7FVC󯴶zzOu!],mΑ/h,‰+VXPB%08?p SUP'rlNlP2-;]S_CaԿ;~ՒVӞsL,JW:X3RǤT1W %ś1 9'IciJ[jD9> eԝQGׁ#דmbYKTӆ؅Bᚃlv45Hh!RzV/J-tOƙ tDz9/ )ߡ u8Dc/A$1DvK=נmj7!WRP /sVϝdTU)Hb@\&̤=D*kZ7Gx [  [@a $jE^4dj>59-# /aKFB5w )k%Ikb̢5Cxzx$:KI\QO_1U$p^ :ˎ RU"sCQWpOgPOTJ@"g@^5#lH `\n쇤Gm~w}w}w}wrWYRV*vT*)"6G\|7pҳaƍ "^!^Ogυ~oxuzX6תnt2*2 r)oaXUocjMBU=W3kbR3[ߖѫvn#ś8|)SN. U 0€& 5s&؜Gig5«;mPo~5&Lű{#bslTz^_Xnd_RϿG*2?(6qA m}i6pM!{1u"|Oͬ5A̚V~gp /~'E!V 4gy ټAN ͭoelrA\^Ln;^ lwj;W Jy('%?k^7ew?^ Y?`CP}]gr71V^ss6X2QwQ Q?nE\)ѝ`ǭSTC䉯OHo #GM.qtZ xcwӱ(ē[nqKݪbݵ;֕Z-3^B,ow].@,au)ȁ;[ĆWWc3kxYCyFi.U?e9LYjb*bFyA y!FvΏ[Kb+I7Q[$q p+jj5VA^ cS(ckzrD,?t$"RVЮ(> Nl?QX2{6K ͤ<87%Üva8FSYh9E!f11\R;$\.he,zVdq+2&ϯ #zۉЙ>3&ޖME*ނ0HQ&[@*VH4isOkp=6ǽOj6j=!`5?؍H6n&)m'hzBRKo^;G'ܬDM<- \G܀gE8afcq_M|p ؙZƒM)RӰp-| i?NRUzFܗIf0zV}Tj? P^s0]+uMi fG@VTor<"Z{4֑: r敊V.ի)ۺgߓ΀GpA,|链5g0Ygji#TJ1 u7=g58~Tfl9c9ZZ]OA/Ԯ} ` q%ZB˞u7᷵AOxNs'ZgDk9-C OckӘP0XeLW<00t-PγjNT]֏pY=XCE3 L l]|­RN+o[Y_D_t[6Zf `-%"] )<]СߔjmG*oIgi4|x}A6ژyiF$YcMr#؎\Ix##ڔk3`qu rF@Yj!u<H]YU# `xEF(f?:};mzxX29k `Cߑ7Ņ~O d>5Ԙ8@= CO 2śy»"aK{\vݯաu/ O~ScGB(W9Ĝ#Mh_}<)J ԝ8 `8.pgj9T%2%P9 dU {_/{=&>J% =a k(E$+vWn#BLk48tkXaٌ}; ;Q>۹`bWoP$P`+wdcFb|9ǘ $5+D:¨b)s(cU OT-,(ωS|yĔv7UI8F7m+ah,.6WG(OE_VCĨҋSe0/L^ⷎ.۽O֚CyƋxYf5s;mzVx9js:&kj4=V0.8SD^}'vn4#) _s/2)By79]~48jBav18>r.?'Q9)uryN9Bc/ .?9ak?˃=ˡ,>gYgg9yyß(99'P~S(GN9y_O7GtAtsE\9_\O{99.)>Crs~~swWyW9{_wɹNr!(oYNOoR89B _*Uy@a u~S 9@yJ*,c/r\- {%;[?k_;ݣBX\jzr+g^egq 6 | #r 75imŭhg?>/ydV֫++#BAf_b 5y?'OxVf{27r8Ar&ߢjOG T*Ad-03ak`Q{e\sÄ#6O 5U"yO|vI'Nɱ-yyBҗa`pbLC ad^kf!t}4u={ 1sU@ $ ީn&Qg=-Lrec ehmоx/J45n"3x_%05^JSAf\rs^f$W"nr;7%\ؓǀZ@X?o6Nώ{;]9 ~Wuu3Lђ'//~} N_ގػLx 9sqAbg94IأCDO6&C׽~rh`=F(}?|Y\sEEבni,&J  B8΄dX.N`'w}`#VFv;ƒ7VX#eun炱Lt6q> spn"(}#Ϙm^Ǩz!>ΐ螃h :BQF{A}F垓$g'_5b Fi&b3@p+LCA>X[a,s(ŬBSd=)O?.G[nI\E`1l`ehDS,T6yS*>% /! ix M1>2z l|_Odxª~axh='-з57d(Q|ӽ{izQڃ` L~v0q=ĺr|R2mLepvR6 ?H朙ף699 3/&U@DqD'Pvxm<^|:ym놮E{cu݌fm/x:" BV|JrX}P/):OOgsZ%.^H6"],{ QAbVCq삢U.nD%hw2b59=ʧ3N~q <ø0X+.9 wҝX[EB(}u9C*gꙺUN'7z>!D!6{xvIoEa{ş׼ueVQ)ZN $zdEg0M\}l4;n_ﭙe6TA$摍7yM1uc*dW)Kkgqۙ gSXM*d.%rR[+EiQ}*' eGJ܄;"6BKFslx6 ͭ @0'