[conspire] Buggy ATI Driver (and others) Leaves Vista Open to Attack

Rick Moen rick at linuxmafia.com
Sun Aug 19 00:52:20 PDT 2007


Quoting Adrien Lamothe (a_lamothe at yahoo.com):

> No reason MS couldn't have cleaned up the code behind the API and
> messaging model. 

Actually, there is a reason.  As Chris "Foon" Paget explained it, in the
referenced article:

  How is everyone gonna fix this? I can see two quick and dirty methods
  which will break a whole lotta functionality, and one very long-winded
  solution which is never going to be a total solution. Let me explain.

  1. Don't allow people to enumerate windows Nasty. Multiple breakages.
  Theoretically possible, but I'd hate to see people trying to work around
  not knowing what windows are on the desktop when they need to.

  2. Don't allow messages to pass between applications with different
  privileges Means that you couldn't interact with any window on your
  desktop that's not running as you; means that VirusScan at the very
  least (probably most personal firewalls, too) would need a whole lotta
  redesigning.

  3. Add source info to messages, and depend on applications to decide
  whether or not to process the messages Would need an extension to the
  Win32 API, and a whole lotta work for people to use it. Big job, and
  people would still get it wrong. Look at buffer overflows - they've been
  around for years, and they're still fairly common.

They didn't do any of those things.

> MS has a history of shoe-horning code from their older OSes into the 
> newer ones.

...handicapping security by doing so, yes.  E.g., LanMan authentication
still persists, long after better replacements appeared.






More information about the conspire mailing list