[conspire] Buggy ATI Driver (and others) Leaves Vista Open to Attack
rick at linuxmafia.com
Sun Aug 19 00:52:20 PDT 2007
Quoting Adrien Lamothe (a_lamothe at yahoo.com):
> No reason MS couldn't have cleaned up the code behind the API and
> messaging model.
Actually, there is a reason. As Chris "Foon" Paget explained it, in the
How is everyone gonna fix this? I can see two quick and dirty methods
which will break a whole lotta functionality, and one very long-winded
solution which is never going to be a total solution. Let me explain.
1. Don't allow people to enumerate windows Nasty. Multiple breakages.
Theoretically possible, but I'd hate to see people trying to work around
not knowing what windows are on the desktop when they need to.
2. Don't allow messages to pass between applications with different
privileges Means that you couldn't interact with any window on your
desktop that's not running as you; means that VirusScan at the very
least (probably most personal firewalls, too) would need a whole lotta
3. Add source info to messages, and depend on applications to decide
whether or not to process the messages Would need an extension to the
Win32 API, and a whole lotta work for people to use it. Big job, and
people would still get it wrong. Look at buffer overflows - they've been
around for years, and they're still fairly common.
They didn't do any of those things.
> MS has a history of shoe-horning code from their older OSes into the
> newer ones.
...handicapping security by doing so, yes. E.g., LanMan authentication
still persists, long after better replacements appeared.
More information about the conspire