Why Windows Vista ‘might’ Actually be Good


The main thing is the massive kernel overhaul, it’s actually adding some decent functionality and refining the architecture to become more like Linux!

While the kernel in Vista is still primarily the same one as in Windows 2000 and XP, there have been some significant changes to tighten up security. Fewer parts of the OS as a whole run in Kernel mode – most drivers run in User mode, for instance. Things that run in Kernel mode are prevented from installing without verified security certificates, and even then they require administrator-level user permission. In Vista, it should be much more difficult for unauthorized programs (like Viruses and Trojans) to affect the core of the OS and secretly harm your system

Yay, finally, an actual secure version of Windows? It’s about time right. But well what stops malware bundling itself with a pirated valid cerficate, there must be some offline procedure for people without full-time net connections.

We’ll have to see what this protection really offers, and how we can get around it :)

Also some heap performance improvements with controls to deal with heap fragmentation for large memory calls.

Some pretty advanced application ‘buffering’ too, not sure if I like this one (hopefully it can be turned off).

A key improvement to the root file system and memory management of Vista is a technology called SuperFetch. SuperFetch learns which applications and bits and pieces of the OS you use most and preloads them into memory, so you don’t have to wait for a bunch of hard drive paging before your apps or documents load. Microsoft has developed a pretty sophisticated prioritization scheme that can even differentiate which applications you are most likely to use at different times (on the weekend vs. during the week, or late at night vs. in the middle of the afternoon).

And well..networking? Does this finally mean THEY WROTE THEIR OWN TCP/IP STACK!?

Networking support has been extended throughout the lifetime of Windows 2000 and Windows XP, but it was getting harder and harder for Microsoft to keep improving the old code. So for Vista, they started over from ground zero and rewrote the networking stack from scratch. IPV6 was hacked onto Windows XP in a pretty basic way, but it is built directly into the Vista networking stack in a much more robust fashion.

Seems to have some fairly cool built in apps too and the new UI is very snazzy, perhaps a little too much eye-candy though, I don’t want to have to buy a Cray just to power the OS..

The browser will be running at a much reduced user level too (finally!) and it seems they are implementing proper user segregation by default (first time evar!).

I mean I never understood why they had ACL’s since WindowsNT but never setup or enforced segregation by default..like why can guest write to /windows/system and so on..

I’ll be looking out for it anyway, will you?

Source: Extremetech

Posted in: Windows Hacking

, , ,


Latest Posts:


Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
UBoat - Proof Of Concept PoC HTTP Botnet Project UBoat – Proof Of Concept PoC HTTP Botnet Project
UBoat is a PoC HTTP Botnet designed to replicate a full weaponised commercial botnet like the famous large scale infectors Festi, Grum, Zeus and SpyEye.
LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.
HiddenWall - Create Hidden Kernel Modules HiddenWall – Create Hidden Kernel Modules
HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers.
Anteater - CI/CD Security Gate Check Framework Anteater – CI/CD Security Gate Check Framework
Anteater is a CI/CD Security Gate Check Framework to prevent the unwanted merging of filenames, binaries, deprecated functions, staging variables and more.


8 Responses to Why Windows Vista ‘might’ Actually be Good

  1. Navaho Gunleg March 22, 2006 at 6:50 am #

    Kernel overhaul? I beg to differ — they discovered some vulnerabilities in their OS which also affected Vista, some time ago. When I read that, together with the fact that years ago some MS official stated that Vista would be a complete re-write.

    That vulnerability lead me to think otherwise.

    And now they market it as a re-write again? *confused*

    Hopefully, some bunch of crackers with too much free time on their hands will kill this weird marketing ploy. :]

  2. Darknet March 22, 2006 at 10:17 am #

    I think they actually avoided the term re-write, and stuck to overhaul as they had backward compatibility problems or something, so it’s still mostly the old Kernel.

    But yeah…bound to get pwned :D

  3. Navaho Gunleg March 22, 2006 at 10:21 am #

    Yeh the old kernel, built atop DOS 3.2’s PRINT queue. :P[/cheapshot]

    BTW I find the Vista name terribly similar to ‘Fista’ so that promises plenty of pain in the arse. (But I guess you should have a dirty mind like mine to get that remark — nvm.)

  4. backbone March 22, 2006 at 11:41 am #

    i’m really curios on there own rewriten TCP/IP protocol… i bet it will have thounsands of flaws…
    Vista were gonna hack you!!! hahaha

  5. Navaho Gunleg March 22, 2006 at 11:50 am #

    Somehow I am really not convinced.

    They are probably still busy removing all the symbols that can identify their binaries as being stolen Open Source code.

    And a delay because of increased security-awareness or such-and-such? I think one should read that as “Woops it’s not working, we’re opening stuff up and crippling the safety features until the software interoperates again.

    If you haven’t noticed yet — I hate Microsoft’s software and I spit on their track-record. ;)

  6. Haydies March 22, 2006 at 2:12 pm #

    Wow, windows that dosn’t run drivers in ring zero? Amazing. Well, not really. NT was like that but with these new fangled accelorated cards there where performance issues, so move the drivers closer to the core, they go faster…. apparently.

    Still, can’t see it making all that much differance. Unless they implement file security as well…

    I’m due to reinstall a machine this week, so I might well give vista a blast… see what its like….

    Secure windows? now thats 2 words you wouldn’t expect to site next to each other…..

  7. Anonymous March 28, 2006 at 11:59 am #

    Right after the part you bolded, it says: AND even then they require administrator-level user permission. It sounds like you need the admin password AND you need permission from Bill Gates or whoever he trusts with a signing key. Is this the beginning of the Palladium big-brother situation Ross Anderson warned us about years ago? http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html

  8. Navaho Gunleg March 29, 2006 at 6:10 am #

    Anonymous: Yeah it is the beginning of that daunting big-brother age. Well actually, we’re already halfway-through, most people just failed to notice.