Running with Code

Like scissors, only more dangerous


May 2007 Entries

The Windows Vista UAC exploit I recently published has garnered some attention as well as some criticism. I wanted to take a moment to reply to some of what I've seen in the press, in comments around the web, as well as the response from Microsoft. On some of the PC World/PC Magazine and their affiliates' web sites, there was a comment that "Pac-Man" should never require elevation (I use a Pac-Man clone as an example of what would otherwise be innocuous software in the whitepaper). This is true,...

A short couple of weeks ago, I criticized Microsoft's "Ten Immutable Laws of Security." The so-named Ten Laws leave Microsoft shielded from users who will be going approval-crazy under User Account Control (UAC) because they either don't know for sure how to respond to the dialog, what they did to cause the dialog to come up, or whether they really want to do whichever action is happening. I particularly criticized the "If a bad guy can convince you to run software on your computer..." law, which...

One of the neat things Microsoft incorporated into Windows with the release of Internet Explorer 4 (which was provided for Windows 95 and Windows NT 4.0 with Service Pack 3) was the CryptoAPI, which provided not only services for secure hashing and stream ciphers, but also implemented Microsoft's Authenticode® code-signing verification. Authenticode is the technology that allows a Certification Authority (CA) such as Verisign to issue certificates to its clients in order to establish that software...

Tonight I was made aware of a bug in a library that I wrote that implements the cryptographic authentication sequences used by Blizzard Entertainment's Battle.net gaming service. The user reported that his code simply stopped executing; it never occurred to me that he might just be swallowing an exception (particularly if his code was running on a secondary thread). But when I reviewed my code, I saw that all of my loops were deterministic, and although I had a couple lock { } blocks throughout the...