Microsoft Takes Vista to Hacker Confab
The annual Black Hat conference in Las Vegas plays host to the world's top hackers and security professionals, who come together to discuss the industry and delve into code. Microsoft is playing a major role at this year's event, inviting attendees to find holes in Windows Vista.
A Vista beta build was handed out to about 3,000 experts on Thursday in hopes they will uncover flaws before the operating system is completed later this year. Microsoft's director of security outreach, Andrew Cushman, also gave a talk about the security enhancements added in Vista, telling the crowd, "We're here to show our work."
Windows Vista is the first operating system from Microsoft to be built from the ground up using the Security Development Lifecycle (SDL) model. Every bit of code is scrutinized for Common Criteria Certification, and security compliance checkpoints must be met along the way.
Services now run with reduced privileges and carry profiles that specify which file system, registry and network activities they are allowed. Further below the surface, the Vista kernel makes it harder for rootkits to elude detection, while better protecting against unauthorized patches.
Spyware and malware threats, meanwhile, are contained by the operating system's built-in scanning engine that is based upon Windows Defender. In addition, the Vista firewall extends the functionality added in Windows XP Service Pack 2 to provide full directional filtering and application blocking.
Potentially malicious applications are also restricted with Vista's new User Account Control feature, which has spurred a great many complaints from beta testers. UAC forces programs to run in a specific Integrity Layer, with a default of medium, and request elevated privileges from the user when performing system commands or writing to sensitive directories.
On the hardware level, Microsoft has implemented BitLocker full disk encryption. Using a TPM chip located on the motherboard, or a USB stick, BitLocker encrypts data while it is being written to the disk. If a laptop were stolen, the hard drive would be inaccessible without a recovery key.
But Microsoft acknowledges that nothing is infallible when it comes to computer security. This is where black hat hackers like those in Las Vegas are intended to help out. Internally, the company has also put together what is called a penetration, or pen, test team. This group has only one duty: to break the security in Windows Vista and help the company develop fixes for the vulnerabilities.