Microsoft to Vista hackers: Bring it on!
Microsoft's Jim Allchin is talking mighty tough to hackers eager to crack Vista, BetaNews reports. The extent of his bravado? You can run Windows Vista without antivirus software, he boasts, thanks to a new trick that randomizes the location of PC system files. (Many viruses rely on system files being located in the same spot on every Windows PC. With Vista, that's no longer the case; those files will be stored in random locations that vary from PC to PC, thanks to something called Address Space Layout Randomization.)

While Microsoft is hyping Vista's new security features as a selling point - and Allchin's comments are part and parcel of that marketing campaign - Allchin is violating a fundamental tenet of security: Never wave a red flag in front of hackers' faces. You're just asking for trouble.

Hyping this particular feature is an especially bad idea: Security researchers have already found vulnerabilities in Vista's ASLR technology. Microsoft's Michael Howard counters that researchers haven't found a weakness at all: it's an intentional design feature. Allowing too much randomness, he says, would make the system unstable. But a commenter on Howard's blog points out that the security compromise could be easily defeated with a "brute-force" attack if hackers used thousands of infected PCs to check every possible location for files.
Posted by Owen Thomas 11:07 AM 9 Comments comment | Add a Comment

Leave it to MSFT to go about this completely backwards.

Instead of just fixing the problem, they devote time, money, and effort to avoiding it. The problem, of course, is that Windows network services are vulnerable. So, instead of fixing Windows servers, MSFT resorts to the equivalent of a child taunting "nah, nah, nah, bet you can't find me!".

I will wager that someone WILL find them (or rather, the system files) and then we'll get to see them react with standard open-mouth-insert-foot backpedaling.

It would have been so much easier in the long run to simply fix the inherent problems. But that would a) have been to simple and straight-forward, and b) kept MSFT R&D and Marketing from hyping the "ASLR" talking point for Vista.
Posted By JohnT, Detroit, MI : 12:28 PM  

What an idiot..Why disclose such information to the public in the first place? Those sort of things should have been kept secret
Posted By Anonymous : 1:35 PM  

I wonder about the performance hit -- could take a lot of CPU to keep moving the system files around like that.
Posted By Chuck Linart, Flushing, NY : 2:43 PM  

Ha, it just seems ironic that a more viable plan for a hacker against Vista would be to use a brute force algorithm, since normally those are the easiest forms of hacking and also the first kind that you learn.
Posted By Michael Plater, Browns Summit, NC : 3:51 PM  

JohnT is correct. I have a feeling that ALSR will just amount to another set of patches to download and install. I wonder if the randomization occurs on startup? if so, you know what that means........................................................................................ you get the point
Posted By John, Honolulu : 6:11 PM  

Thank god I only use Apple.
Posted By Mike, Denver CO : 5:33 PM  

Obviously MS security designers are also aware about the possibility of brute force attacks and have measures incorporated in the design to counter that...
Posted By MsWinEmp, WA : 12:54 AM  

Hackers will always find a way to invade. What if the technology becomes known to the hackers and
the expected patterns are well predicted? What if hackers develop viruses that switch off the technology all together from functioning in PCs?
So talking about stopping hackers is talking about impossible.

Jamal Al-Mottawa
Posted By Bahrain : 1:38 AM  

ASLR is not about randomizing location of system files.... It's randomizing the address location @ which dlls are loaded in the address space of the process...
Posted By Anonymous : 6:31 AM  

To send a letter to the editor about The Browser, click hereTop of page

Got a news tip? Send it to The Browser