If you've ever installed Microsoft Vista yourself (or looked around in the hard drive of your brand new box), chances are you'd be surprised to find that it's a hog for disk space. An install of Vista can take up anywhere from seven to fifteen (!) gigabytes of disk space, which most people can eat because hard drives these days are typically in the hundreds of gigabytes. Still, that's a hell of a lot of binary; maybe if you've installed a load of applications and patches over a year or so, I can see that, but when you factor in everything …
A presentation at Black Hat Europe 2007 by security researchers from India has blown the security of the Windows Vista bootloader wide open, and compromised the security model of Microsoft's latest operating system at the lowest levels. Vipin and Nitin Kumar of NV Labs figured out how to write what the popular press is calling a 'bootkit' that runs off of a bootable CD or DVD. The bootkit searches the primary drive for a copy of Windows Vista and executes it while making modifications to the code running in memory transparently - because the OS trusts the 'trusted' bootloader implicitly, it …
Early adopters of Windows Vista have been finding themselves burned by an increasingly common problem in personal computing, namely, the utter lack of compatible drivers. Microsoft has been making it more and more difficult to write drivers these days, and a lot of companies weren't able to ship Vista-ready drivers by the time the new version of Windows hit the shelves and OEMs. Thus, they wind up on the manufacturers' websites, often hidden behind crappy search engines and mis-linked pages. This doesn't help you if your modem or network card doesn't work because - surprise, surprise - there are no drivers for …
Just when you thought attacks couldn't get any more oblique, along come Sebastian Krahmer and George Ou, who figured out how to use Vista's audio playback and voice recognition systems to compromise a box. It started off with Krahmer musing on the Dailydave list about whether or not it would be possible to craft a recording of someone reciting voice commands that could be picked up by Vista Speech Command running on the same box through a plugged in microphone. George Ou took the idea and ran with it, and came up with a couple of .wav files that do …
Technically, Microsoft Windows Vista hasn't even been released yet and the DRM system has been cracked. DRM, the so-called Digital Rights Management system that the MPAA and RIAA are blackmailing hardware and software vendors into supporting so that they can control what you watch or listen to, how, when, and for how long uses strong crypto to encrypt media files and control who and what can access them. In Vista, it's called PMP, the Protected Media Path, and reaches all the way down to the level of the hardware drivers. In theory, if all of the drivers on the system …