Vista’s Security Design Error Cause For Concern?
With Vista now launched, many are wondering how well Microsoft has secured its latest operating system. If initial reports are any indication, there is significant reason for concern. Joanna Rutkowska, a very reputable security researcher, has already uncovered a serious security flaw in the new operating system. Her finding was that in Vista, many applications require that they be installed with administrator privileges, and that during the install process, users are given two options:
- install with elevated privileges, or
- don’t install the application at all.
Many, including myself, initially came to the conclusion that Microsoft made a security design error in implementing this system. The truth of the matter is that this is a serious security problem, but that problem is not due to a recent decision by Microsoft.
The real problem is that thousands upon thousands of 9x and XP applications were written according to the old security model, i.e. the one in which installers were able to spray their parts all over the system with no issues because they ran as administrator. This won’t work in Vista because Microsoft has gone to a restricted user model, which leaves it only one choice: allow the applications to install with elevated rights.
Microsoft had no other choice, really. The alternative is telling people that old programs are insecurely written and can’t be used. That wouldn’t go over well. Unfortunately, allowing the applications to go in as administrator creates a major problem for Microsoft: it trains the users to say yes when an application asks to be installed with elevated privileges.
This is what’s going to do the real damage: people are going to get so used to allowing legitimate applications to install with elevated rights that when a piece of malware asks to do the same, they’ll happily oblige.
Not good.
But it’s not a Vista problem, really. It’s going to hurt Vista, but the real problem is that of legacy support. It’s ironic, really. All this work to make Vista more secure, and it’s going to be largely undermined by how lax Microsoft was in the past.

2 Comments
Hmmmm
February 20th, 2007
at 7:56am
You reap what you sow. There’s no irony in that.
GiM
February 21st, 2007
at 8:41am
I guess this is a Microsoft “specific” problem.
Why? Why does the “installation” NEED Administrator privileges?
I work mostly with applications that do not need an “install”, or I just cracked the install. Just copy a folder or an exe file anywhere on the HDD, especially out of the “system” area (I have “my” “Applications” folder, on “my” “data” partition - exactly, a separate partition), make a shortcut to the program and that is all.
If, and only IF, the application needs some “shared” libraries, these will be installed with administrator privileges, or simply copy them into the application folder too (if the space is not a problem).
GiM ;-)