Why Windows Vista ‘might’ Actually be Good

Use Netsparker


The main thing is the massive kernel overhaul, it’s actually adding some decent functionality and refining the architecture to become more like Linux!

While the kernel in Vista is still primarily the same one as in Windows 2000 and XP, there have been some significant changes to tighten up security. Fewer parts of the OS as a whole run in Kernel mode – most drivers run in User mode, for instance. Things that run in Kernel mode are prevented from installing without verified security certificates, and even then they require administrator-level user permission. In Vista, it should be much more difficult for unauthorized programs (like Viruses and Trojans) to affect the core of the OS and secretly harm your system

Yay, finally, an actual secure version of Windows? It’s about time right. But well what stops malware bundling itself with a pirated valid cerficate, there must be some offline procedure for people without full-time net connections.

We’ll have to see what this protection really offers, and how we can get around it :)

Also some heap performance improvements with controls to deal with heap fragmentation for large memory calls.

Some pretty advanced application ‘buffering’ too, not sure if I like this one (hopefully it can be turned off).

A key improvement to the root file system and memory management of Vista is a technology called SuperFetch. SuperFetch learns which applications and bits and pieces of the OS you use most and preloads them into memory, so you don’t have to wait for a bunch of hard drive paging before your apps or documents load. Microsoft has developed a pretty sophisticated prioritization scheme that can even differentiate which applications you are most likely to use at different times (on the weekend vs. during the week, or late at night vs. in the middle of the afternoon).

And well..networking? Does this finally mean THEY WROTE THEIR OWN TCP/IP STACK!?

Networking support has been extended throughout the lifetime of Windows 2000 and Windows XP, but it was getting harder and harder for Microsoft to keep improving the old code. So for Vista, they started over from ground zero and rewrote the networking stack from scratch. IPV6 was hacked onto Windows XP in a pretty basic way, but it is built directly into the Vista networking stack in a much more robust fashion.

Seems to have some fairly cool built in apps too and the new UI is very snazzy, perhaps a little too much eye-candy though, I don’t want to have to buy a Cray just to power the OS..

The browser will be running at a much reduced user level too (finally!) and it seems they are implementing proper user segregation by default (first time evar!).

I mean I never understood why they had ACL’s since WindowsNT but never setup or enforced segregation by default..like why can guest write to /windows/system and so on..

I’ll be looking out for it anyway, will you?

Source: Extremetech

Posted in: Windows Hacking

, , ,


Latest Posts:


Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.


8 Responses to Why Windows Vista ‘might’ Actually be Good

  1. Navaho Gunleg March 22, 2006 at 6:50 am #

    Kernel overhaul? I beg to differ — they discovered some vulnerabilities in their OS which also affected Vista, some time ago. When I read that, together with the fact that years ago some MS official stated that Vista would be a complete re-write.

    That vulnerability lead me to think otherwise.

    And now they market it as a re-write again? *confused*

    Hopefully, some bunch of crackers with too much free time on their hands will kill this weird marketing ploy. :]

  2. Darknet March 22, 2006 at 10:17 am #

    I think they actually avoided the term re-write, and stuck to overhaul as they had backward compatibility problems or something, so it’s still mostly the old Kernel.

    But yeah…bound to get pwned :D

  3. Navaho Gunleg March 22, 2006 at 10:21 am #

    Yeh the old kernel, built atop DOS 3.2’s PRINT queue. :P[/cheapshot]

    BTW I find the Vista name terribly similar to ‘Fista’ so that promises plenty of pain in the arse. (But I guess you should have a dirty mind like mine to get that remark — nvm.)

  4. backbone March 22, 2006 at 11:41 am #

    i’m really curios on there own rewriten TCP/IP protocol… i bet it will have thounsands of flaws…
    Vista were gonna hack you!!! hahaha

  5. Navaho Gunleg March 22, 2006 at 11:50 am #

    Somehow I am really not convinced.

    They are probably still busy removing all the symbols that can identify their binaries as being stolen Open Source code.

    And a delay because of increased security-awareness or such-and-such? I think one should read that as “Woops it’s not working, we’re opening stuff up and crippling the safety features until the software interoperates again.

    If you haven’t noticed yet — I hate Microsoft’s software and I spit on their track-record. ;)

  6. Haydies March 22, 2006 at 2:12 pm #

    Wow, windows that dosn’t run drivers in ring zero? Amazing. Well, not really. NT was like that but with these new fangled accelorated cards there where performance issues, so move the drivers closer to the core, they go faster…. apparently.

    Still, can’t see it making all that much differance. Unless they implement file security as well…

    I’m due to reinstall a machine this week, so I might well give vista a blast… see what its like….

    Secure windows? now thats 2 words you wouldn’t expect to site next to each other…..

  7. Anonymous March 28, 2006 at 11:59 am #

    Right after the part you bolded, it says: AND even then they require administrator-level user permission. It sounds like you need the admin password AND you need permission from Bill Gates or whoever he trusts with a signing key. Is this the beginning of the Palladium big-brother situation Ross Anderson warned us about years ago? http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html

  8. Navaho Gunleg March 29, 2006 at 6:10 am #

    Anonymous: Yeah it is the beginning of that daunting big-brother age. Well actually, we’re already halfway-through, most people just failed to notice.