Vista kernel is vulnerable

Discussion in 'Backup and Security' started by Banjo, Nov 24, 2008.

  1. Banjo


  2. I just rebuilt my Vista machine and have been running as an administrator, dang... security is a pain in the arse bigtime.. I know not to run as an administrator too...

    Buffer overrun... jeez, buffer over and under runs have been a huge source of hacks, you'd think uSoft could just test for those things very thoroughly... build a hardware system that would alert to a buffer problem even...
  3. Chagi


    I'm not exactly a Microsoft fan, but all this appears to be at this point is essentially social engineering. All operating systems are vulnerable to users with admin privileges allowing things to happen that should not.
  4. Microsoft is shit. Plus what the hell is a Message Icon
  5. Mecro



    A Microsoft product that has security flaws? Who would have thought?
  6. Running ANY system (be it Windows or UNIX-like OS) as administrator is the big "no no" which is able to eliminate all security measures available in OS...

    Every code contains vunlerabilities, just because it's written by mere humans... But Microsoft has trained whole generations of users completely ignorant about security who think running system as administrator is normal and both XP and Vista by default create administrator account...

    Vista at least tries to warn about dangers of doing so, but still I consider it nearly crime from Microsoft that they do not explicitly warn and educate users about security flaws and measures...

    What can be easier than create a bright bold warning, or go by the path of Ubuntu where "root" account is disabled by default at all...

    Vista is a big step forward in this sense, compared to XP, at least if you run it under normal user and want to perform administrative tasks it warns you of potential danger of doing so with unknown software, but still very far from being enough....
  7. Just to be safe, I do all my browsing in a sandbox. Sandboxie is free and will keep any malware you pick up while browsing safely off your 'root'.

    Security is a pain, but the extra layer is worth it.
  8. maxpi


    I have played with Sandboxie, basically it keeps hackers from writing to your hdd but they still can come in, steal info during the session.

    As a direct application to trading, I wonder if one program [say Ninjatrader] can run in the sandbox and access the API of another program [say TWS] but such that TWS cannot access anything related to Ninjatrader such as source files...
  9. balzano


    Windows was full of vulnerabilities since 3.1 ..

    Let me tell you a simple and true statistic - out of every 10-15 lines of code there is misused syntax or a function that can potentially be exploited by an attacker to gain administrative access to a system or even cause a Denial or service attack.

    And Windows has millions of lines of code for the core OS alone.. That’s excluding all the applications that create additional layers of security concerns.

    Just be careful what websites you browse and what applications you install on your system.

    simple as that.