Some years ago I posted a ridiculous suggestion about what future versions of Windoze would do with all those multiple cores. I termed this paranoid processing.
The idea was that each processor would constantly check other processors on the suspicion that they were up to no good. It should be clear that this approach could consume any computing power available. This would drive hardware sales because more power would be tied to greater security.
Since I don't do non-disclosure agreements (NDA) I can't say for certain that W10 has implemented my idea. What I can say is that the way they talk about hypervisors checking actions of virtual machines in memory really sounds like it.
Can anyone out there confirm or deny this?
You heard it here first
-
Moose On The Loose
- Posts: 965
- Joined: Thu 24 Feb 2011, 14:54
Re: You heard it here first
I can both confirm and deny it but then what do I knowprehistoric wrote:Some years ago I posted a ridiculous suggestion about what future versions of Windoze would do with all those multiple cores. I termed this paranoid processing.
The idea was that each processor would constantly check other processors on the suspicion that they were up to no good.
[...]
Can anyone out there confirm or deny this?
I seriously doubt that there would be any great advantage to the idea in a Windows machine. There is no straight forwards way to tell the difference between the code doing what it is supposed to do and it doing something evil. On things like the flight controls on rockets, the code is very carefully crafted and the allowed ranges for variables are documented. A second machine thus has things it can check.
-
prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
Re: You heard it here first
As I understand the implementation they are simply checking to see if you are running code that was not approved by Big Brother in Redmond. Signature checking fails in many applications, but for the limited purpose of forcing everyone to run M$ software it could work.Moose On The Loose wrote:...
I seriously doubt that there would be any great advantage to the idea in a Windows machine. There is no straight forwards way to tell the difference between the code doing what it is supposed to do and it doing something evil. On things like the flight controls on rockets, the code is very carefully crafted and the allowed ranges for variables are documented. A second machine thus has things it can check.
This would not result in improved end-user security, but it would support the idea of security of M$ cash flow.
-
gcmartin
Security concerns of Hypervisor presence.
Hypervisors.... support Virtual Machines.
Think: Virtual Machines servers/services from Linux KVM or XEN, to VMWare, to Oracle to Microsoft to Parallels to ... Been in use for years. Generally not currently possible for the VM Host has little to no responsibility at the VM Guest virtual machine level. Beware as what you refer may be another FUD shoved at us, people.
Not sure that Hypervisors is what you refer OR do you mean the plethora of Virtual Machine Management software that exist in open/close-sources? Either way, you can be assured that no one, private or corporate, are configuring as you suggest in the VM management levels .
A discussion of Hypervisors is here. (See the last paragraph on security implications.)
But, could some entity do so by creating/changing management software for those companies/corporations/government where Virtual Guest machines are managed?.... Well yes someone could write features into that management software.
In Puppyland, there are 2 distros which give you OOTB, KVM (near-native VM speeds); namely @StemSee's distro, and Lighthouse family. No installation necessary; just run it from the PUPPY Menu to boot a 2nd/3rd/... Virtual PC instance. Very,very efficient ... great for testing, distro building, script/code development, distro testing, streaming, and many other services one might want in their homes.
Hope this is helpful
Think: Virtual Machines servers/services from Linux KVM or XEN, to VMWare, to Oracle to Microsoft to Parallels to ... Been in use for years. Generally not currently possible for the VM Host has little to no responsibility at the VM Guest virtual machine level. Beware as what you refer may be another FUD shoved at us, people.
Not sure that Hypervisors is what you refer OR do you mean the plethora of Virtual Machine Management software that exist in open/close-sources? Either way, you can be assured that no one, private or corporate, are configuring as you suggest in the VM management levels .
A discussion of Hypervisors is here. (See the last paragraph on security implications.)
But, could some entity do so by creating/changing management software for those companies/corporations/government where Virtual Guest machines are managed?.... Well yes someone could write features into that management software.
In Puppyland, there are 2 distros which give you OOTB, KVM (near-native VM speeds); namely @StemSee's distro, and Lighthouse family. No installation necessary; just run it from the PUPPY Menu to boot a 2nd/3rd/... Virtual PC instance. Very,very efficient ... great for testing, distro building, script/code development, distro testing, streaming, and many other services one might want in their homes.
Hope this is helpful
-
prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
I'm reading between the lines of various announcements filled with hype about how W10 is going to solve all our security problems.
The emphasis on running M$ software, or other software on an approved whitelist managed by system admins, is all over. The primary source for these whitelists is M$ itself. Small problems in running applications from other vendors could translate into big competitive advantages. We saw how that played out with Lotus.
At one time the U.S. DoJ won a court judgement in an antitrust case against M$ requiring that the company producing the OS be separated from the one producing applications. M$ did not find that convenient, so nothing happened. We continue to see monopoly power in action.
The continued emphasis on the superior security of M$ software ignores the fact that a marketplace monoculture is an exceptionally high-value target, where a single lapse can expose, e.g. all the background information on everyone in the U.S. with a security clearance. (Similar attacks on airline passenger data strongly suggest someone is trying to exploit this information to identify active agents.)
There have been hundreds of acknowledged vulnerabilities in common M$ software made public in the last year. There is absolutely no evidence that the rate at which existing vulnerabilities are exposed is dropping at all.
What I'm seeing is an approach which basically abandons the idea of ever making M$ software itself truly secure, but instead looks for evidence anyone is exploiting vulnerabilities to launch software which is not on a whitelist. If a process which started out running M$ software is now running Duqu, that would be one example. If a new process appears which runs software which has not been whitelisted that could be a new attack. It could also be innovative software from a competitor of M$, which will also be treated as a threat. You don't have to use this feature, unless the sys admin at your company or your bank requires it.
I see a long list of features which contribute to M$ world domination, which is then conflated with security.
The emphasis on running M$ software, or other software on an approved whitelist managed by system admins, is all over. The primary source for these whitelists is M$ itself. Small problems in running applications from other vendors could translate into big competitive advantages. We saw how that played out with Lotus.
At one time the U.S. DoJ won a court judgement in an antitrust case against M$ requiring that the company producing the OS be separated from the one producing applications. M$ did not find that convenient, so nothing happened. We continue to see monopoly power in action.
The continued emphasis on the superior security of M$ software ignores the fact that a marketplace monoculture is an exceptionally high-value target, where a single lapse can expose, e.g. all the background information on everyone in the U.S. with a security clearance. (Similar attacks on airline passenger data strongly suggest someone is trying to exploit this information to identify active agents.)
There have been hundreds of acknowledged vulnerabilities in common M$ software made public in the last year. There is absolutely no evidence that the rate at which existing vulnerabilities are exposed is dropping at all.
What I'm seeing is an approach which basically abandons the idea of ever making M$ software itself truly secure, but instead looks for evidence anyone is exploiting vulnerabilities to launch software which is not on a whitelist. If a process which started out running M$ software is now running Duqu, that would be one example. If a new process appears which runs software which has not been whitelisted that could be a new attack. It could also be innovative software from a competitor of M$, which will also be treated as a threat. You don't have to use this feature, unless the sys admin at your company or your bank requires it.
I see a long list of features which contribute to M$ world domination, which is then conflated with security.
-
prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
What do you think of MS offering Windows 10 to users of win 7 & 8.1?
I have received such an offer in the form of a reservation.
I am still unsure of replacing my Win 7 though as some programs will be missing from 10 such as Windows Media center and of all things, solitaire.
I wonder if this will be a case of having to purchase software made for 10 and existing software one owns not working with it.
I have received such an offer in the form of a reservation.
I am still unsure of replacing my Win 7 though as some programs will be missing from 10 such as Windows Media center and of all things, solitaire.
I wonder if this will be a case of having to purchase software made for 10 and existing software one owns not working with it.
-
bark_bark_bark
- Posts: 1885
- Joined: Tue 05 Jun 2012, 12:17
- Location: Wisconsin USA
The only version of solitare I was satisfied with, was the one from KDE4.8-bit wrote:What do you think of MS offering Windows 10 to users of win 7 & 8.1?
I have received such an offer in the form of a reservation.
I am still unsure of replacing my Win 7 though as some programs will be missing from 10 such as Windows Media center and of all things, solitaire.
I wonder if this will be a case of having to purchase software made for 10 and existing software one owns not working with it.
....
I still use Windows 7 every day (software without a quality Linux substitute and that doesn't work well in Wine) and I will never,ever upgrade to Windows 10.....free or not.Microsoft taking control of updates away from the user is the final straw.No way will I allow Microsoft to install (or uninstall I guess as well) at their whim. Pass.8-bit wrote:What do you think of MS offering Windows 10 to users of win 7 & 8.1?
I have received such an offer in the form of a reservation.
I am still unsure of replacing my Win 7 though as some programs will be missing from 10 such as Windows Media center and of all things, solitaire.
I wonder if this will be a case of having to purchase software made for 10 and existing software one owns not working with it.
http://www.forbes.com/sites/gordonkelly ... es-danger/
Guess everyone will have to make their own decision.In a nutshell all upgraders to Windows 10 Home and Windows 10 Pro (whether free or paid) will be forced to install every feature, patch and fix Microsoft throws at them or have their security updates cut off.
'Free' Windows 10 Now Looks A Terrible Deal
'Free' Windows 10 Now Looks A Terrible Deal
http://www.forbes.com/sites/gordonkelly ... 0-charges/
[quote]Windows 10 is famously ‘free’, but Microsoft has been worryingly silent about just how free it really is. Now, only three weeks before release, leaks suggest ‘free’ Windows 10 might not be a good deal at all…
The news comes from ComputerWorld which attained Microsoft internal slides that strongly suggest many Windows 10 owners will have to start paying to receive updates within two years. The key lines ComputerWorld discovered are:
“Revenue allocated is deferred and recognized on a straight-line basis over the estimated period the software upgrades are expected to be provided by estimated device life…. [The estimated device life] can range from two to four years.
http://www.forbes.com/sites/gordonkelly ... 0-charges/
[quote]Windows 10 is famously ‘free’, but Microsoft has been worryingly silent about just how free it really is. Now, only three weeks before release, leaks suggest ‘free’ Windows 10 might not be a good deal at all…
The news comes from ComputerWorld which attained Microsoft internal slides that strongly suggest many Windows 10 owners will have to start paying to receive updates within two years. The key lines ComputerWorld discovered are:
“Revenue allocated is deferred and recognized on a straight-line basis over the estimated period the software upgrades are expected to be provided by estimated device life…. [The estimated device life] can range from two to four years.
-
prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
I doubt M$ is very worried about the 2 or 4 years. What I see now, with the inability of users to control which updates the system installs, is that M$ will be in a position to push all the advertising they want into those "free" systems.
Want to escape pop-ups and redirects? Buy a professional or enterprise license.
Want to escape pop-ups and redirects? Buy a professional or enterprise license.