Topic: Microsoft: The Vista Bullying Stops Here

[Centurus]

Smoke and mirrors my man, smoke and mirrors.  It's that vast right wing conspiracy going after MS now, (since MS Clinton is on the sidelines they need something to do).

Lets try and keep the political stuff in Hot and Spicy please.   
  Right wing / Left wing doesn't matter. keep it in the appropriate forum 

OG, it was a slight joke.  Sorry.  Shall not ever do it again. 

You gotta do it in a fashion that's witty, hip, insane, and completely and permanently destroys any and all credibility to your sanity and mental stability.

You gotta say, "It's a conspiracy man!!!  Just like the gremlins that steal my socks from the dryer.  The sock industry is in league with the gremlins to make more money.  But, at the very least they recycle my socks by washing them up and selling them again."

*takes a bow and farts and grabs a gas mask*

[toasty0]

And this has what to do what with Vista?

It's an excellent illustration of what can happen to you when you literally bet the life of your company on Microsoft's ability to deliver a secure product.  Of all the merits of Visa, Microsoft focusing on security is just plain dumb, to the point of being laughable.  They can't even secure their server products.

I guess this mean you consider the new sandboxing feature of WinServer08 and Vista worthless?

I don't care if it's an IBM mainframe, a sandbox is an infrasturcture partition, not an OS or logical one.  I realize it'll save smaller companies money, but from a PII perspective, I think it'll cause more problems than it will solve.

How do you think a sandbox would fit into a trusted computing model?  especially in an environment where trusted is defined at a circuit level?

Microsoft products don't rate above C1 on the Trusted Computing scale, so perhaps it's the definition of security that is at issue. 

In the WinServer08/Vista instance they've extended the concept to a network level.

Can you drop me a link on who is determining the C1 scale? I'd like to read how they are testing and what criteria they're using...you know, the usual BS.

Microsoft is as good as most of the rest of them for keeping the casual hacker out of your machine and keeping you from joining a zombie network (they all suck, IMHO).  It is not, however, the OS of choice for securing highly sensitive data.

[Dracho]

And this has what to do what with Vista?

It's an excellent illustration of what can happen to you when you literally bet the life of your company on Microsoft's ability to deliver a secure product.  Of all the merits of Visa, Microsoft focusing on security is just plain dumb, to the point of being laughable.  They can't even secure their server products.

I guess this mean you consider the new sandboxing feature of WinServer08 and Vista worthless?

I don't care if it's an IBM mainframe, a sandbox is an infrasturcture partition, not an OS or logical one.  I realize it'll save smaller companies money, but from a PII perspective, I think it'll cause more problems than it will solve.

How do you think a sandbox would fit into a trusted computing model?  especially in an environment where trusted is defined at a circuit level?

Microsoft products don't rate above C1 on the Trusted Computing scale, so perhaps it's the definition of security that is at issue. 

In the WinServer08/Vista instance they've extended the concept to a network level.

Can you drop me a link on who is determining the C1 scale? I'd like to read how they are testing and what criteria they're using...you know, the usual BS.

http://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria

http://en.wikipedia.org/wiki/Common_Criteria


You could maybe make a case that MS is B1, but it's unlikely.  Also, I misspoke, Server is C2 not C1.

Divisions and Classes
The TCSEC defines four divisions: D, C, B and A where division A has the highest security. Each division represents a significant difference in the trust an individual or organization can place on the evaluated system. Additionally divisions C, B and A are broken into a series of hierarchical subdivisions called classes: C1, C2, B1, B2, B3 and A1.

Each division and class expands or modifies as indicated the requirements of the immediately prior division or class.


[edit] D — Minimal Protection
Reserved for those systems that have been evaluated but that fail to meet the requirements for a higher division.

[edit] C — Discretionary Protection
C1 — Discretionary Security Protection
Separation of users and data
Discretionary Access Control (DAC) capable of enforcing access limitations on an individual basis
C2 — Controlled Access Protection
More finely grained DAC
Individual accountability through login procedures
Audit trails
Resource isolation
Required System Documentation and user manuals.

[edit] B — Mandatory Protection
B1 — Labeled Security Protection
Informal statement of the security policy model
Data sensitivity labels
Mandatory Access Control (MAC) over select subjects and objects
Label exportation capabilities
All discovered flaws must be removed or otherwise mitigated
B2 — Structured Protection
Security policy model clearly defined and formally documented
DAC and MAC enforcement extended to all subjects and objects
Covert storage channels are analyzed for occurrence and bandwidth
Carefully structured into protection-critical and non-protection-critical elements
Design and implementation enable more comprehensive testing and review
Authentication mechanisms are strengthened
Trusted facility management is provided with administrator and operator segregation
Strict configuration management controls are imposed
B3 — Security Domains
Satisfies reference monitor requirements
Structured to exclude code not essential to security policy enforcement
Significant system engineering directed toward minimizing complexity
A security administrator is supported
Audit security-relevant events
Automated imminent intrusion detection, notification, and response
Trusted system recovery procedures
Covert timing channels are analyzed for occurrence and bandwidth
An example of such a system is the XTS-300, a precursor to the XTS-400

[edit] A — Verified Protection
A1 — Verified Design
Functionally identical to B3
Formal design and verification techniques including a formal top-level specification
Formal management and distribution procedures
An example of such a system is SCOMP, a precursor to the XTS-400
Beyond A1
System Architecture demonstrates that the requirements of self-protection and completeness for reference monitors have been implemented in the Trusted Computing Base (TCB).
Security Testing automatically generates test-case from the formal top-level specification or formal lower-level specifications.
Formal Specification and Verification is where the TCB is verified down to the source code level, using formal verification methods where feasible.
Trusted Design Environment is where the TCB is designed in a trusted facility with only trusted (cleared) personnel.

[marstone]

Smoke and mirrors my man, smoke and mirrors.  It's that vast right wing conspiracy going after MS now, (since MS Clinton is on the sidelines they need something to do).

Lets try and keep the political stuff in Hot and Spicy please.   
  Right wing / Left wing doesn't matter. keep it in the appropriate forum 

OG, it was a slight joke.  Sorry.  Shall not ever do it again. 

You gotta do it in a fashion that's witty, hip, insane, and completely and permanently destroys any and all credibility to your sanity and mental stability.

You gotta say, "It's a conspiracy man!!!  Just like the gremlins that steal my socks from the dryer.  The sock industry is in league with the gremlins to make more money.  But, at the very least they recycle my socks by washing them up and selling them again."

*takes a bow and farts and grabs a gas mask*

Yeah, I know.  But heck I have been seeing a political endorsement for the last long time on a signature, figures alittle joke couldn't hurt.  

Hmm, been chewed out for commenting on a post because the thought wasn't finished even tho the post was done.  Chewed out over a few other little things.  Guess I go back to reading for the most part.

[Nemesis]

Yeah, I know.  But heck I have been seeing a political endorsement for the last long time on a signature, figures alittle joke couldn't hurt. 

Hmm, been chewed out for commenting on a post because the thought wasn't finished even tho the post was done.  Chewed out over a few other little things.  Guess I go back to reading for the most part.

It was not intended as a "chewing out" but as a reminder, not just to you but to those who followed after you.  If I was to intend a chewing out it would be in a PM that went along with what was intended to be a polite reminder.  That didn't happen and no "chewing out" was intended, nor is one intended now.

Signatures are something else, they are not a part of the discussion itself and thereby don't fall under the same rules (unless they go TOO far).  Myself I would prefer less in the way of partisan politics and religion in the signatures but so far they are allowable by the rules.

Recently I have had to move threads that belonged in THIS forum to Hot and Spicy because people brought in irrelevant  to the discussion politics or religion.  Moving it like that makes it inaccessible to some people, even at times the original author of the thread (which has happened).  As a result of certain peoples (not you) repeated moving of topics towards unsuitable to Engineering discussions I have had to be more active at policing that type of comment to enable Engineering appropriate discussions to stay here where they belong.  Fire a warning shot if you will before they become actual rules violations that need to be dealt with.

Myself I'm politically centrist and found your joke mildiy amusing but I know from experience that some one would  take it seriously and the thread would end up transferred to Hot and Spicy so I chose to "nip it in the bud" so it wouldn't blossom into something that needed transplanting.   To nip it before it was a problem.

[toasty0]

And this has what to do what with Vista?

It's an excellent illustration of what can happen to you when you literally bet the life of your company on Microsoft's ability to deliver a secure product.  Of all the merits of Visa, Microsoft focusing on security is just plain dumb, to the point of being laughable.  They can't even secure their server products.

I guess this mean you consider the new sandboxing feature of WinServer08 and Vista worthless?

I don't care if it's an IBM mainframe, a sandbox is an infrasturcture partition, not an OS or logical one.  I realize it'll save smaller companies money, but from a PII perspective, I think it'll cause more problems than it will solve.

How do you think a sandbox would fit into a trusted computing model?  especially in an environment where trusted is defined at a circuit level?

Microsoft products don't rate above C1 on the Trusted Computing scale, so perhaps it's the definition of security that is at issue. 

In the WinServer08/Vista instance they've extended the concept to a network level.

Can you drop me a link on who is determining the C1 scale? I'd like to read how they are testing and what criteria they're using...you know, the usual BS.

http://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria

http://en.wikipedia.org/wiki/Common_Criteria


You could maybe make a case that MS is B1, but it's unlikely.  Also, I misspoke, Server is C2 not C1.

Divisions and Classes
The TCSEC defines four divisions: D, C, B and A where division A has the highest security. Each division represents a significant difference in the trust an individual or organization can place on the evaluated system. Additionally divisions C, B and A are broken into a series of hierarchical subdivisions called classes: C1, C2, B1, B2, B3 and A1.

Each division and class expands or modifies as indicated the requirements of the immediately prior division or class.


[edit] D — Minimal Protection
Reserved for those systems that have been evaluated but that fail to meet the requirements for a higher division.

[edit] C — Discretionary Protection
C1 — Discretionary Security Protection
Separation of users and data
Discretionary Access Control (DAC) capable of enforcing access limitations on an individual basis
C2 — Controlled Access Protection
More finely grained DAC
Individual accountability through login procedures
Audit trails
Resource isolation
Required System Documentation and user manuals.

[edit] B — Mandatory Protection
B1 — Labeled Security Protection
Informal statement of the security policy model
Data sensitivity labels
Mandatory Access Control (MAC) over select subjects and objects
Label exportation capabilities
All discovered flaws must be removed or otherwise mitigated
B2 — Structured Protection
Security policy model clearly defined and formally documented
DAC and MAC enforcement extended to all subjects and objects
Covert storage channels are analyzed for occurrence and bandwidth
Carefully structured into protection-critical and non-protection-critical elements
Design and implementation enable more comprehensive testing and review
Authentication mechanisms are strengthened
Trusted facility management is provided with administrator and operator segregation
Strict configuration management controls are imposed
B3 — Security Domains
Satisfies reference monitor requirements
Structured to exclude code not essential to security policy enforcement
Significant system engineering directed toward minimizing complexity
A security administrator is supported
Audit security-relevant events
Automated imminent intrusion detection, notification, and response
Trusted system recovery procedures
Covert timing channels are analyzed for occurrence and bandwidth
An example of such a system is the XTS-300, a precursor to the XTS-400

[edit] A — Verified Protection
A1 — Verified Design
Functionally identical to B3
Formal design and verification techniques including a formal top-level specification
Formal management and distribution procedures
An example of such a system is SCOMP, a precursor to the XTS-400
Beyond A1
System Architecture demonstrates that the requirements of self-protection and completeness for reference monitors have been implemented in the Trusted Computing Base (TCB).
Security Testing automatically generates test-case from the formal top-level specification or formal lower-level specifications.
Formal Specification and Verification is where the TCB is verified down to the source code level, using formal verification methods where feasible.
Trusted Design Environment is where the TCB is designed in a trusted facility with only trusted (cleared) personnel.

I read through the material and I do not find anywhere in where the DoD rate all of Microsft at a C1 or C2.

[Dracho]

I read through the material and I do not find anywhere in where the DoD rate all of Microsft at a C1 or C2.

In order to rate a B2, for example, a system (this rating is applied to hardware as well as software) would need to be able to perform covert channel analysis.  MS doesn't do that, so it can't fufuill the requirement of the label.  TCSEC and the Commonon Criteria (uses a 1-7 scale with 7 being the most secure, and is making its way into the ITSEC ISO) are evaulation processes, not evaulations in and of themselves.  You have to do the analysys yourself based on the security requirements put forth by the data owner.

I think you and I are meaning something different when we say "security".  Working in the financial processing world, "security" to me (and in the article I posted) falls much closer to the DOD model than what I would term as "casual security".  MS is ok at casual security (in that it is not much worse than anyone else), but it falls way short in financial systems.  For instance, most of my heavy work is done on an IBM mainframe with RAC-F. We had as very heated discussion on whether RAC-F was sufficient, or we needed to use Top Secret.  Microsoft never gets closer to my credit card data than generating reports from an SQL database that has had the card numbers masked before arrival.  Also, our POS (Point-of-sale) systems (cash registers, basically) use embedded XP.  One system has been found to be storing track data in violation of PCI, and another has had 15 security patches in 13 months.  3 others have been "sunsetted" by the vendor and are being replaced by Linux systems.

Also, watching the infrastructure guys use TCSEC can be.. amusing. For instance, in a quad-processor system the bus from processors 12&3 travels through processor 0, so processor 0 can be trusted, but 1,2&3 cannot because a compromise of 0 would invalidate their security assumptions.  Therefore, certain processing jobs must use an affinity for processor 0.

[Nemesis]

Now that Bill Gates won't be around as much Steve Ballmers secret plans for Redmond have been revealed.

[toasty0]

Microsoft never gets closer to my credit card data than generating reports from an SQL database that has had the card numbers masked before arrival. 

It should be, but as in the case of TJMAX proper protocol were not followed and your CC information as well as PINs were broadcasted unencrypted from the POS to a server in the manager's office.

I am curios though, I wonder how many of the companies listed at this link complied with the DoD requirements: http://attrition.org/dataloss/
I'm pretty confident a number of them used other OS than MS technologies.

[Dracho]

Oh, probably almost none of them.  It's the classic "ease of operations" vs. "adequate" security conflict.  "adequate" security almost never happens until some breach event occurs and your replacement implements it.

[Centurus]

Smoke and mirrors my man, smoke and mirrors.  It's that vast right wing conspiracy going after MS now, (since MS Clinton is on the sidelines they need something to do).

Lets try and keep the political stuff in Hot and Spicy please.   
  Right wing / Left wing doesn't matter. keep it in the appropriate forum 

OG, it was a slight joke.  Sorry.  Shall not ever do it again. 

You gotta do it in a fashion that's witty, hip, insane, and completely and permanently destroys any and all credibility to your sanity and mental stability.

You gotta say, "It's a conspiracy man!!!  Just like the gremlins that steal my socks from the dryer.  The sock industry is in league with the gremlins to make more money.  But, at the very least they recycle my socks by washing them up and selling them again."

*takes a bow and farts and grabs a gas mask*

Yeah, I know.  But heck I have been seeing a political endorsement for the last long time on a signature, figures alittle joke couldn't hurt.  

Hmm, been chewed out for commenting on a post because the thought wasn't finished even tho the post was done.  Chewed out over a few other little things.  Guess I go back to reading for the most part.

Could have been worse.  You could have been a giant piece of bubble gum.  Then not only would he have chewed you, but also blown bubbles that pop.

*misses bubble gum*

[Dracho]

Toasty,

I'll bet you those organizations all have something else in common too, even more important than putting the wrong OS in the wrong role:  I'll wager you the majority of them took their security recommendations from the same people / organization responsible for operation readiness of their IT environments.  Operational readiness always trumps security, and admins will think up the most convoluted logical constructs to justify doing something the way that makes it easier for them, rather than IAW security best practices.

I also see a lot of names on that list where someone lost a laptop full of unencrypted data, so... well, we could have a long debate about whether or not the laptop OS should be part of the discussion.  Personally, I blame it on lack of disk level encryption, and specifically encryption not dependent upon the OS user credentials or Active Directory for authentication.

[Nemesis]

Link to full article

According to a study of 106 major U.S. airports and 800 business travelers published by the Ponemon Institute and Dell Computer, about 12,000 laptops are lost in airports each week. Only 30 percent of travelers ever recover the lost devices. Nearly half of the travelers say their laptops contain customer data or confidential business information.

The report offers a very different view from sources that collect breach disclosure information, such as Attrition.org, where only a few companies disclose laptop thefts each week. Many employees are embarrassed to report the loss of a laptop, and many companies don't report them, experts say.

"It’s staggering to learn that up to 600,000 laptops are lost in U.S. airports annually, many containing sensitive information that companies must account for," said Larry Ponemon, chairman and founder of the Ponemon Institute. "IT departments must re-evaluate the steps they’re taking to protect mobile professionals, the laptops they carry, and company data stored on mobile devices."

No wonder the laptop business does so well.

Each of these laptops is potentially a security breach. 

[Clark Kent]

Yes, I can see how the company that holds 95% of the OS market would clearly be bullied by their competitors.  Personally, I think Vista isn't that bad, but the issues it has are largely because M$ screwed up on it.  I couldn't tell you how many IT people I know who would rather cut off their right arm rather than own Vista.  90% of the developer market doesn't want to touch it.  Businesses in general don't want to touch it.

Oh yes, i can totally see why people would want to invest in your crappy OS when the refined version is supposed to be out in 2009.   

Beside the devlopers I personally know, the boards I lurk on (www.codeproject.com) express just the opposite sentiment than you assert.

IT peeps. Bah! By nature they hate change. Vista has nothing to little to do with their unwillingness to accept new technologies.

Perhaps you are right- I read that in a cnet article a couple weeks ago (about 90% of developers not switching).  If my source was erroneous, then so was my statement, but not sure how I can verify it.

As for  IT professionals, yeah, they do resist change, because it increases their workload.  Still though, I don't remember this many IT guys being upset with XP (though I do recall hearing some griping).

[Dracho]

Ha.. I could take you to meet a room full of mainframe programmers who are holding out for Cobol's inevitable return to popularity.

[GE-Raven]

As an IT guy of a meager dozen years or so... I can say that from "my" standpoint.  Vista is great as a home OS.  However it doesn't offer enough to make it worth the hassle yet to upgrade in our campus.  However I expect by this time next year it will.  That is how it goes with large institutions... It wouldn't matter at all how good the OS is... anything on this big a scale takes time!

I have had more trouble with OSX 10.5 than I care to relate... and that is on a whopping 8 machines.

GE-Raven

[Clark Kent]

As an IT guy of a meager dozen years or so... I can say that from "my" standpoint.  Vista is great as a home OS.  However it doesn't offer enough to make it worth the hassle yet to upgrade in our campus.  However I expect by this time next year it will.  That is how it goes with large institutions... It wouldn't matter at all how good the OS is... anything on this big a scale takes time!

I have had more trouble with OSX 10.5 than I care to relate... and that is on a whopping 8 machines.

GE-Raven

Interesting- my experience with OS X has been nothing g but pleasant.  I would be very interested in hearing the problems you've had.  I suppose that sounds like a taunt, but I promise you it isn't.

[Dracho]

Eww.. I just had a "getting a phaser printer to communicate over Appletalk flashback".  I need a drink..

[Just plain old Punisher]

As an IT guy of a meager dozen years or so... I can say that from "my" standpoint.  Vista is great as a home OS.  However it doesn't offer enough to make it worth the hassle yet to upgrade in our campus.  However I expect by this time next year it will.  That is how it goes with large institutions... It wouldn't matter at all how good the OS is... anything on this big a scale takes time!

I have had more trouble with OSX 10.5 than I care to relate... and that is on a whopping 8 machines.

GE-Raven

Interesting- my experience with OS X has been nothing g but pleasant.  I would be very interested in hearing the problems you've had.  I suppose that sounds like a taunt, but I promise you it isn't.

He's been brainwashed by that bastard Steve Jobs and his mystical turtleneck sweaters!!

DAMN YOU STEVE JOBS!! DAMN YOU TO HELL!!

[Pestalence_XC]

My sister just bought a Mac with OS X..

For the first 2 weeks, she loved it..

Now that she is realizing that 95% of her software needs emulators to work them and WINE is incompatible with much of her software and Cross Over isn't working correctly as well.. she is considering taking it back and exchanging it for a PC...

Add on top of that, there is hardly any software market for OS X or Linux..

She is going to make her decision in the next 3 days and then she either has to keep the machine or exchange it.. the 30 return policy.. got to love it.