Why Windows Vista ‘might’ Actually be Good

Keep on Guard!

The main thing is the massive kernel overhaul: it actually adds some decent functionality and refines the architecture to be more like Linux!

While the kernel in Vista is still primarily the same one as in Windows 2000 and XP, there have been some significant changes to tighten up security. Fewer parts of the OS as a whole run in Kernel mode – most drivers run in User mode, for instance. Things that run in Kernel mode are prevented from installing without verified security certificates, and even then they require administrator-level user permission. In Vista, it should be much more difficult for unauthorized programs (like Viruses and Trojans) to affect the core of the OS and secretly harm your system.

Yay, finally an actually secure version of Windows? It’s about time, right? But what stops malware bundling itself with a stolen but still valid certificate? And there must be some offline procedure for people without full-time net connections.

We’ll have to see what this protection really offers, and how we can get around it :)
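To see what that signing requirement actually looks like on a machine, here is an added example in Windows PowerShell (not code from the original post or from the ExtremeTech article). It reports the Authenticode status of every driver file in the drivers directory and then lists which kernel drivers are really loaded, since a signed file on disk is not the same as a running driver. It assumes an elevated Windows PowerShell 3.0 or later session and the default drivers path; the choice of which statuses to flag is mine.

```powershell
# Added example (not from the original post or ExtremeTech). Assumes an elevated
# Windows PowerShell 3.0+ session. Reports the Authenticode status of each .sys
# file under the drivers directory, then lists the kernel drivers actually running.

function Get-DriverSignatureReport {
    param(
        # Assumed location; the standard path on a default install.
        [string]$DriverDir = (Join-Path $env:SystemRoot 'System32\drivers')
    )

    Get-ChildItem -Path $DriverDir -Filter '*.sys' -File | ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        [pscustomobject]@{
            Driver = $_.Name
            # Valid, NotSigned, HashMismatch, NotTrusted, UnknownError, ...
            Status = $sig.Status
            Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        }
    }
}

# Anything that is not 'Valid' deserves a look: unsigned, modified after signing
# (HashMismatch), or chained to a root the machine does not trust (NotTrusted).
Get-DriverSignatureReport |
    Where-Object { $_.Status -ne 'Valid' } |
    Sort-Object Status, Driver |
    Format-Table Driver, Status, Signer -AutoSize

# A signed file sitting on disk is not the same as a loaded driver: list the
# kernel-mode services that are actually running and where they load from.
Get-WmiObject -Class Win32_SystemDriver |
    Where-Object { $_.State -eq 'Running' } |
    Select-Object Name, PathName, StartMode |
    Sort-Object Name
```

Two caveats when reading the output. Many Microsoft inbox drivers are signed through a catalog file (.cat) rather than an embedded signature; on Vista and Windows 7 Get-AuthenticodeSignature does not consult the catalog, so those show as NotSigned even though the loader accepts them (Windows 8 and later do check the catalog, and `driverquery /si` or `sigverif` give a second opinion on older builds). Also, the blocking behaviour described above applied to 64-bit Vista; the 32-bit edition warned about unsigned kernel drivers but still loaded them.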

There are also some heap performance improvements, with controls to deal with heap fragmentation on large allocations.

There is some pretty advanced application ‘buffering’ too; not sure I like this one (hopefully it can be turned off).

A key improvement to the root file system and memory management of Vista is a technology called SuperFetch. SuperFetch learns which applications and bits and pieces of the OS you use most and preloads them into memory, so you don’t have to wait for a bunch of hard drive paging before your apps or documents load. Microsoft has developed a pretty sophisticated prioritization scheme that can even differentiate which applications you are most likely to use at different times (on the weekend vs. during the week, or late at night vs. in the middle of the afternoon).

And, well, networking? Does this finally mean THEY WROTE THEIR OWN TCP/IP STACK!?

Networking support has been extended throughout the lifetime of Windows 2000 and Windows XP, but it was getting harder and harder for Microsoft to keep improving the old code. So for Vista, they started over from ground zero and rewrote the networking stack from scratch. IPv6 was hacked onto Windows XP in a pretty basic way, but it is built directly into the Vista networking stack in a much more robust fashion.

It seems to have some fairly cool built-in apps too, and the new UI is very snazzy, perhaps a little too much eye candy though; I don’t want to have to buy a Cray just to power the OS.

The browser will be running at a much reduced privilege level too (finally!), and it seems they are implementing proper user segregation by default (first time evar!).

I mean, I never understood why they have had ACLs since Windows NT but never set up or enforced segregation by default, like why can Guest write to /windows/system and so on?
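The complaint above is easy to turn into a check. Here is an added example in Windows PowerShell (not code from the original post) that walks a handful of OS directories and reports any Allow entry granting write-class rights to a broad, low-privilege principal such as Everyone, Users or Guests. It assumes an elevated Windows PowerShell 3.0 or later session, default install paths and the English names of the built-in groups; the list of directories and principals is my choice and can be extended.

```powershell
# Added example (not from the original post). Assumes an elevated Windows
# PowerShell 3.0+ session. Reports ACL entries on OS directories that let a
# broad, low-privilege principal create, replace or delete files there.

function Find-WeakDirectoryAcl {
    param(
        [string[]]$Path,
        # Principals that should never be able to write into OS directories.
        # English default names (assumed); adjust for localised builds.
        [string[]]$BroadPrincipals = @(
            'Everyone',
            'BUILTIN\Users',
            'BUILTIN\Guests',
            'NT AUTHORITY\Authenticated Users',
            'NT AUTHORITY\INTERACTIVE'
        )
    )

    # Any of these bits lets the holder add or replace files or change the ACL;
    # Modify and FullControl include them, so they are caught as well.
    $writeMask = [int](
        [System.Security.AccessControl.FileSystemRights]::Write -bor
        [System.Security.AccessControl.FileSystemRights]::Delete -bor
        [System.Security.AccessControl.FileSystemRights]::ChangePermissions -bor
        [System.Security.AccessControl.FileSystemRights]::TakeOwnership
    )
    # Generic rights are stored unmapped in the ACE and do not decode to the
    # enum above: GENERIC_ALL and GENERIC_WRITE both imply write access.
    $genericMask = 0x10000000 -bor 0x40000000

    foreach ($dir in $Path) {
        if (-not (Test-Path -Path $dir)) { continue }
        $acl = Get-Acl -Path $dir
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($BroadPrincipals -notcontains $ace.IdentityReference.Value) { continue }
            $rights = [int]$ace.FileSystemRights
            $canWrite = (($rights -band $writeMask) -ne 0) -or (($rights -band $genericMask) -ne 0)
            if (-not $canWrite) { continue }
            [pscustomobject]@{
                Path      = $dir
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
                Owner     = $acl.Owner
            }
        }
    }
}

# Directories where a write grant to ordinary users means code or config
# planting. Default locations on a stock install (assumed).
$systemDirs = @(
    (Join-Path $env:SystemRoot 'System32'),
    (Join-Path $env:SystemRoot 'System32\drivers'),
    (Join-Path $env:SystemRoot 'System32\Tasks'),
    $env:ProgramFiles
)

Find-WeakDirectoryAcl -Path $systemDirs | Format-Table -AutoSize
```

On a stock Vista install the function should return nothing for System32: the directory is owned by NT SERVICE\TrustedInstaller and BUILTIN\Users get only Read & Execute, so any hit is a deviation worth explaining (a sloppy installer, or someone who ran `icacls ... /grant Everyone:F` to make a problem go away). The same entries can be eyeballed with `icacls C:\Windows\System32`, but the function gives you something you can run across a fleet and diff.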

I’ll be looking out for it anyway, will you?

Source: Extremetech

Posted in: Windows Hacking


8 Responses to Why Windows Vista ‘might’ Actually be Good

  1. Navaho Gunleg March 22, 2006 at 6:50 am #

    Kernel overhaul? I beg to differ — some time ago they discovered some vulnerabilities in their OS which also affected Vista. Reading that, together with the fact that years ago some MS official stated that Vista would be a complete re-write, led me to think otherwise.

    And now they market it as a re-write again? *confused*

    Hopefully, some bunch of crackers with too much free time on their hands will kill this weird marketing ploy. :]

  2. Darknet March 22, 2006 at 10:17 am #

    I think they actually avoided the term re-write, and stuck to overhaul as they had backward compatibility problems or something, so it’s still mostly the old Kernel.

    But yeah…bound to get pwned :D

  3. Navaho Gunleg March 22, 2006 at 10:21 am #

    Yeh the old kernel, built atop DOS 3.2’s PRINT queue. :P[/cheapshot]

    BTW I find the Vista name terribly similar to ‘Fista’ so that promises plenty of pain in the arse. (But I guess you should have a dirty mind like mine to get that remark — nvm.)

  4. backbone March 22, 2006 at 11:41 am #

    I’m really curious about their own rewritten TCP/IP protocol… I bet it will have thousands of flaws…
    Vista, we’re gonna hack you!!! hahaha

  5. Navaho Gunleg March 22, 2006 at 11:50 am #

    Somehow I am really not convinced.

    They are probably still busy removing all the symbols that can identify their binaries as being stolen Open Source code.

    And a delay because of increased security-awareness or such-and-such? I think one should read that as “Whoops, it’s not working, we’re opening stuff up and crippling the safety features until the software interoperates again.”

    If you haven’t noticed yet — I hate Microsoft’s software and I spit on their track-record. ;)

  6. Haydies March 22, 2006 at 2:12 pm #

    Wow, Windows that doesn’t run drivers in ring zero? Amazing. Well, not really. NT was like that, but with these new-fangled accelerated cards there were performance issues, so move the drivers closer to the core and they go faster… apparently.

    Still, can’t see it making all that much difference. Unless they implement file security as well…

    I’m due to reinstall a machine this week, so I might well give Vista a blast… see what it’s like…

    Secure Windows? Now that’s two words you wouldn’t expect to sit next to each other…

  7. Anonymous March 28, 2006 at 11:59 am #

    Right after the part you bolded, it says: AND even then they require administrator-level user permission. It sounds like you need the admin password AND you need permission from Bill Gates or whoever he trusts with a signing key. Is this the beginning of the Palladium big-brother situation Ross Anderson warned us about years ago? http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html

  8. Navaho Gunleg March 29, 2006 at 6:10 am #

    Anonymous: Yeah it is the beginning of that daunting big-brother age. Well actually, we’re already halfway-through, most people just failed to notice.