Tuesday, November 30, 2010

Why Hackers Hate Windows 7


If you are a hacker you love when you can dig into a system and start to learn it from the inside out.

You take the time and learn every intricacy that is in the system.
You know that there are millions of lines of code that you will have to comb through, so you know that an exploit will be found eventually.
Knowing these small facts will let you bend the machine to your will, especially if you have a trick that no one knows about.
This can all change in an instant when the owner of the software makes any significant changes to it.
You hope that the upgrades in the new version have nothing to do with the break points that you have found, but more than likely there will be new blocks that you will have to hurdle.
This is why hackers are having a hard time with the new Windows 7 operating system.

Windows 7 Improves Security With Rewritten Code

Even though Microsoft has kept some backwards compatibility, they have rewritten a lot of the operating system software that was lying underneath.
They have made big changes to the code that runs the kernel and also the code that manages the memory.
Changes such as these can stop old exploits from working the way they did before.
Now the hackers, especially the black hat hackers, have to dig through all of that code once again so they can find new points of weakness.
Even though they might love doing it, it is a time consuming process and there are only so many hours in the day.
When all of the work that you have done is ruined by a simple patch, you can get quite frustrated.
Even though an upgraded Windows 7 operating system may upset black hat hackers, this is a great thing for the users of the operating system.

Security Is Improving With Microsoft

Since Microsoft is showing that they have a renewed interest in security with all of the changes in the code, you know that you are using a computer that has been completely tested and secured.
You also want to make sure that you install any security patches that Microsoft may issue.
These patches upgrade your computer so that known exploits can be cut off at the pass.
So if you want to make sure that you have a computer that hackers will want to avoid, and you prefer Microsoft operating systems, then make sure you upgrade to Windows 7.
There are a lot of patched holes and a whole lot of new code that the hackers will have to dig through.
It makes finding new exploits take a much longer amount of time.

Download Free "PC Security Tweaker 9.51"


PC Security tweaking software to tweak Windows-based computers.
Tweak access to lots of Control Panel applet functions, force users to
use separate system profile folders, disable selected Start Menu items,
lock and protect disk drives in My Computer, disable the DOS and
command prompt, interruption boot keys, real DOS mode, Registry editing,
taskbar, task manager, and network access, hide desktop icons, and much more.





Defending against hackers at their own conference



Part of going to any conference is picking and choosing the presentations to attend. But, going to a hacker conference, such as the upcoming HOPE in New York City, means taking extra care for security. In my case, I'm going to bring a Windows XP laptop. Am I asking for it?
Here's my plan, many parts of which can help anyone needing to secure a computer while traveling.
Since Internet access at the conference is via an unsecured wireless network, the most obvious first step is to use a VPN. VPNs provide the over-the-air encryption that comes with WPA or WPA2 on home/business networks.
Without a corporate home office to connect to, I pay a yearly fee for VPN access to Witopia. They offer two types of VPNs, PPTP and SSL, and have been very reliable. Yes, there are free, ad-supported VPNs, but that's not a business model for me. Some free things are great, but good security is worth paying for.
Another step that anyone using a public wireless network should take is ensuring that the operating system firewall is both running and configured properly.
On some computers I use Online Armor from Tall Emu, but in many ways the firewall built into Windows XP is just fine. What's especially nice about it is that the configuration is drop-dead simple. Complex firewall configuration is an accident waiting to happen.
If you're not sure about the state of a firewall on a computer, you can test it at Shields UP! a free service from Steve Gibson. Stealthed ports are the best, closed ports are good enough and open ports are bad. Be aware though, that if your computer is behind a router, any external firewall test is actually testing the firewall in the router, not your computer.
One step that is easily skipped is File and Printer Sharing. On a home or business network, we normally want to share files with other computers on the LAN. Not so on a public network. File and printer sharing will be disabled on my XP system while at the conference. With Windows 7, if you tell it that you are on a public network, it should turn off file and printer sharing.
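The three port states above, and the file-sharing exposure just described, can be checked from a second machine you own on the same network, which exercises the laptop's own firewall rather than the router's. This is an added example, not from the original post; the port list (135, 139 and 445, used by Windows RPC and File and Printer Sharing) and the function names are this example's assumptions.

```python
import socket
import sys

# Ports used by Windows RPC and File and Printer Sharing. The post names no
# port numbers; this list is an assumption of the example.
SHARING_PORTS = (135, 139, 445)

# Best to worst, in the order the post ranks them ("unknown" added here).
ORDER = ["stealth", "closed", "unknown", "open"]


def classify(error):
    """Map the outcome of a TCP connect() to the Shields UP! vocabulary."""
    if error is None:
        return "open"      # handshake completed: a service is reachable
    if isinstance(error, ConnectionRefusedError):
        return "closed"    # the host answered, but nothing is listening
    if isinstance(error, (socket.timeout, TimeoutError)):
        return "stealth"   # the probe was silently dropped
    return "unknown"       # e.g. no route to host; not a firewall verdict


def probe(host, port, timeout=2.0):
    """Attempt one TCP connection and classify the result."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)


def report(host, ports=SHARING_PORTS, timeout=2.0):
    """Return ({port: state}, worst_state) for the given host."""
    states = {port: probe(host, port, timeout) for port in ports}
    worst = max(states.values(), key=ORDER.index) if states else "stealth"
    return states, worst


if __name__ == "__main__":
    # Usage: python portstate.py <address of your own laptop>
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    states, worst = report(target)
    for port, state in sorted(states.items()):
        print(f"{target}:{port} {state}")
    print("worst state:", worst)
```

Any port reported as open while on a public network means File and Printer Sharing (or the firewall exception for it) is still enabled.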
Ad-hoc networks are another potential danger.
Normal networks, run by a router are called "infrastructure" networks and this is the only type you want to deal with. Computers can create their own ad-hoc networks such that two computers can communicate directly without involving a router. Bad guys create ad-hoc networks in the hope of luring in unsuspecting computer users. Not me. Windows XP will be configured to never connect to any ad-hoc network, a step anyone running XP should take.
Speaking of XP, every time I boot my laptop, I will log on as a restricted user, rather than an administrator.
Normally when I travel, sensitive files are stored in a TrueCrypt container on the hard drive. However, this being a hacker conference, I'm keeping the TrueCrypt container on a USB flash drive in my pocket and I hope to never have to refer to any sensitive files while at the conference.
Even more so, I'll separate the somewhat sensitive files into a different container from the more sensitive ones.
If, however, I have to look at any of the sensitive files, this means entering the TrueCrypt password while in the belly of the beast, so to speak. To minimize potential damage, I won't use my normal password, but will create a new one specifically for the conference.
Ditto email. Beforehand, I'll change my email password, and after the conference, I'll change it back.
Speaking of email, I normally use Thunderbird, but won't at the conference.
Any client side email program has to send out your password to an email server, and this exchange is, all too often, unencrypted. VPN or not, special short-term password or not, this scares me. All my email will be done via encrypted webmail.
Of course, all webmail systems are not the same. Some only encrypt the logon, others encrypt everything, including the pages for reading and writing email. Gmail is perhaps the most secure in that it now encrypts everything. This gives me two levels of encryption, the VPN and SSL from Gmail. Fortunately, the webmail system offered by my ISP also encrypts everything.
Gmail has another great feature, auditing. At the bottom of each page is a link to information about the last couple times the account was accessed. Great feature. It could be better, but I haven't yet seen anything comparable on another webmail system.
As for web browsers, it goes without saying that Internet Explorer will never see the light of day.
The big advantage to Firefox is the zap I wrote about last year. With a slight modification to a CSS file, Firefox can display all secure web page URLs in green. This is a great defense against man-in-the-middle attacks and is especially helpful in the home office of such attacks, a hacker confab.
For extra protection, I just may well run Firefox in a Sandboxie sandbox. And, if I can remember, I'll turn off the Wi-Fi radio in my laptop when I'm not online. That's a big if though.
There's my game plan. Come and get me hackers. Uh, then again, never mind.

Make Firefox flag secure web pages as green



I love Firefox, but it's far from perfect. As someone interested in Defensive Computing one of the biggest drawbacks to version three is that the address bar does not change color when viewing a secure web page (HTTPS as opposed to HTTP). Version 2 used to change to yellow, but version 3 doesn't change colors at all.  
Reports from the Black Hat security conference about new software that attacks secure web pages make this all the more important.
The new software, called "SSLstrip" by its developer Moxie Marlinspike, does a man-in-the-middle attack. It can go so far as to forge secure web pages. However, in a demonstration of the software, the developer didn't even bother with that; he simply changed secure HTTPS pages into insecure HTTP pages, and many users didn't notice.
Non-techies can't be expected to train themselves to look for HTTPS rather than HTTP in the browser address bar. And while a lock icon is also used to indicate a secure page, the location of the lock varies with different browsers and the lock icon can be forged.
Web browsers need to indicate secure pages in a more intuitive way and do it where the user is already paying attention, the address bar. To that end, we can force Firefox 3 to show all HTTPS based pages with a green address bar.
Doing so, in Windows versions of Firefox, requires a file called userChrome.css that contains the two lines of code below.
#urlbar[level] .autocomplete-textbox-container
{ background-color: #D0F2C4 !important; }
The hard part is putting the file in the right place.
In Windows XP and 2000 go to:
C:\Documents and Settings\[User Name]\Application Data\Mozilla\Firefox\Profiles\xxxxxxxx.default\chrome\
In Windows Vista go to:
C:\Users\[User Name]\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default\chrome
The Xs represent randomly generated characters. You may first have to configure Windows to show hidden and/or system files.
Portable Firefox users should go to
X:\somefolder\Data\profile\chrome
Where X:\somefolder is the folder where the portable version of Firefox resides.
A sample userChrome.css file is provided at the bottom of this blog posting. Download this file to the correct folder, rename it (remove the .txt at the end) and you're done.
Alternatively, there may be a file in the target folder called userChrome-example.css that can be used as a model. Either rename it userChrome.css or, better yet, make a copy of it and rename the copy to userChrome.css. Then edit this new userChrome.css file with a text editor and add the two lines above.
This is the same green (#D0F2C4) that Internet Explorer 7 uses. However, IE7 frequently does not turn green on secure pages (I don't know the exact rules for this and as a devoted Firefox user, I don't care) whereas this zap makes the Firefox address bar green on all secure pages.
I'm going to try this in a couple of Linux distributions and will report back. If any Mac users read this, please leave a comment as to how well it works under OS X and what the target folder is.
Attachment: userChrome.css_.txt (359 bytes)
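The placement steps above as a script; this is an added example, not code from the original post. It assumes Firefox's profiles.ini in %APPDATA%\Mozilla\Firefox (the parent of the Profiles folder named above) to resolve the randomly named profile folder, and the function names are this example's own.

```python
import configparser
import os
from pathlib import Path

# The two lines from the post, verbatim.
RULE = ("#urlbar[level] .autocomplete-textbox-container\n"
        "{ background-color: #D0F2C4 !important; }\n")


def profile_dirs(firefox_dir):
    """List profile folders named in profiles.ini (assumed to sit in
    firefox_dir), so the random xxxxxxxx prefix need not be guessed."""
    firefox_dir = Path(firefox_dir)
    ini = configparser.ConfigParser(interpolation=None)
    ini.read(firefox_dir / "profiles.ini", encoding="utf-8")
    found = []
    for name in ini.sections():
        if not name.lower().startswith("profile"):
            continue
        raw = ini.get(name, "Path", fallback=None)
        if raw is None:
            continue
        path = Path(raw)
        if ini.get(name, "IsRelative", fallback="1") == "1":
            path = firefox_dir / path
        if path.is_dir():
            found.append(path)
    return found


def install_rule(profile_dir):
    """Put RULE into <profile>/chrome/userChrome.css without touching rules
    already there. Returns 'created', 'appended' or 'unchanged'."""
    chrome = Path(profile_dir) / "chrome"
    chrome.mkdir(exist_ok=True)
    target = chrome / "userChrome.css"
    if not target.exists():
        target.write_text(RULE, encoding="utf-8")
        return "created"
    current = target.read_text(encoding="utf-8")
    # Compare with whitespace collapsed so a reformatted copy still counts.
    if " ".join(RULE.split()) in " ".join(current.split()):
        return "unchanged"
    gap = "" if current.endswith("\n") or not current else "\n"
    target.write_text(current + gap + RULE, encoding="utf-8")
    return "appended"


if __name__ == "__main__":
    # %APPDATA% covers both the XP and the Vista locations given above.
    base = Path(os.environ.get("APPDATA", "")) / "Mozilla" / "Firefox"
    for profile in profile_dirs(base):
        print(profile, install_rule(profile))
```

Portable Firefox users can call install_rule() directly on the Data\profile folder, since that layout has no random prefix to resolve.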

Are Hackers Looking To Exploit Windows 7 Already?

When it comes to secure operating systems, with the release of Windows 7, Microsoft can finally claim to have one.

Windows 7 has proven that Microsoft has taken security seriously and that they have attempted to prove that through their actions.
Even though Windows 7 has improved on a great many of the security issues that used to be a concern for Microsoft products, there are still some legacy issues that continue to be a problem.
This is why Windows 7 is becoming a favorite attack vector when it comes to cyber crime.
Windows 7 is a trim operating system going by previous Windows OS standards.
The reality is that the operating system still has more lines of code than its nearest competitors, Mac OS X and Linux.
It is because of Windows 7's legacy support that this is still a problem.
There are still vendors out there that need a new version of Windows to be able to operate programs that are 20 years old.
And Windows 7 still has the ability to do this.
To be able to have this feature though, it means that you must leave old code in.
The more code that is in a program, the better the chances that a malicious hacker will find an exploit that has not been discovered yet.
Security experts have already seen a rise of communication between groups of bad guys discussing vulnerabilities that they have already found.
Microsoft has already released security patches for their new operating system and you can expect several more.
The large code base and the wide usage mean that hackers will have fun looking for new and creative ways to attack innocent victims.
Some attackers are using old school techniques to exploit the release of Windows 7.
They are using emails that either pretend to be a support ticket for the new operating system or the email pretends to have a link that allows you to download an upgrade for the operating system.
This is why, if you want to update your operating system, you should never go to a third party that pretends to do this.
Always visit the official Microsoft web site and follow their instructions on how to update your OS.
As you can see, even with all of the security that Microsoft has baked in to Windows 7, the security issue still remains.
This is why you must not rely only on software security to keep your computer safe.
You must be on the lookout as well and learn to be able to tell when something is wrong.

Security – Windows 7 Vs Mac OSX

Comparing the relative levels of security between two vastly different operating systems is, of course, a rather subjective matter.

After the much hyped, and sometimes maligned, Windows Vista the spotlight has once again been placed over Microsoft who have recently released Windows 7.
This is hot on the heels of Apple’s latest operating system for the Mac, Snow Leopard.
Nowadays security is one of the biggest concerns for any operating system.

Security Issues

According to security experts Secunia, Mac OS X is much safer than the Windows operating system as they found only 9 security issues with Mac OS X compared to 29 issues with the Windows product.
Does this paint a fair picture though?
Everybody knows that the Windows operating system is installed on many more computers than Mac OSX and that makes it a big and lucrative target for malware authors.
Therefore isn’t it just a case of scale that makes Windows appear to be less secure on first glance?
Windows 7 is, in my opinion, a far better product (in terms of security) than its previous versions.

Security Features

A whole host of features, such as Biometric Framework, fingerprint scanners, BitLocker and others make Windows 7 an amazingly secured operating system.
At the same time, the smaller market share of Apple Mac OS X, and the absence of third party programs, makes their operating system harder to hack (or less appealing at the very least).
For this reason, systems powered with Mac OS X suffer fewer attacks than their Windows counterparts, making the Mac appear to be extremely secure.
On the other hand, Windows 7 comes with dozens of security tools but its openness makes its monster security system look like an ordinary one.
Recently Windows Vista post-Service Pack 2 has been named as the safest operating system on the planet.
And it is quite obvious that Windows 7 will incorporate all the features of its successful predecessor.
If you are not satisfied by the security parameters of Windows 7 then you can tweak it further by using third party firewalls, antivirus and other protection programs, whereas such a feature is absent in Mac OS X.

Hackers

But, Windows Operating Systems are easily undone by hackers, so the story MIGHT remain the same with Windows 7.
So this might compel you to use Mac OS X.
Comparing the security levels of Windows 7 and Mac OS X is difficult as both have their benefits and weaknesses.
Although operating systems have a major role to play in the security of your computer the ultimate responsibility lies with you, the user.
Having a secured Internet connection and good surfing habits are probably a more important consideration than which operating system you use.
Which is the most secured Operating System, Windows 7 or Mac OS X?
That is a never ending debate and one that can get quite emotional, as evidenced by the comments last time I wrote on the topic of whether an Apple Mac was more secure than a Windows machine.
What do you think?


Monday, November 29, 2010

Hackers exploit unpatched Windows XP security hole

Hackers are currently exploiting a Windows XP security hole that a Swiss Google security
engineer, Tavis Ormandy, publicly released detailed information about last week. Ormandy
discovered the issue, a Windows Help and Support center flaw that allows easy access to
download Microsoft help files and launch remote support applications. It enables hackers
to take control of a computer by luring users to malicious websites that contain code to
exploit the hole, and it works with any browser.
The Google engineer had been in contact with Microsoft to notify them of the vulnerability and
request that a patch be developed. He has stated that he released the information because he
thought Microsoft was displaying irresponsibility by not committing to produce a fix for the
problem within a 60-day period.
Ormandy had been working and cooperating with Microsoft after notifying them of the 
vulnerability on June 5th, but reportedly became frustrated with their progress after five days of
negotiating a fix. On June 10, Ormandy released the details of the vulnerability, complete with
working code, publicly via the Full Disclosure Mailing List. “This is another example of
the problems with bug secrecy (or in PR speak, ‘responsible disclosure’),” Ormandy said.
“Those of us who work hard to keep networks safe are forced to work in isolation without
the open collaboration with our peers.”
“We were in the early phases of the investigation and communicated [to him] on 6/7 that we
would not know what our release schedule would be until the end of the week,” said Jerry Bryant,
Microsoft’s group manager of response communications. “We were surprised by the public
release of details.”
Security experts are saying that it was unreasonable of Ormandy to expect Microsoft to
develop a fix within the five-day period. Graham Cluley, a senior technology consultant
for Sophos antivirus, calls the release of the information “utterly irresponsible,” and said,
“Five days isn’t enough time to expect Microsoft to develop a fix, which has to be tested
thoroughly to ensure it doesn’t cause more problems than it intends to correct.”
Microsoft has reiterated to customers that Windows XP is the only OS that is affected by
the issue, and has released an official security advisory regarding the issue. They have also
released a temporary workaround via Microsoft Fix It until a more permanent solution is in place.
On one hand, I believe that Ormandy’s release of the information was unprofessional at best.
On the other hand, I can see how the fact Microsoft couldn’t say within 5 days that they’d
have a solution within 60 days would be frustrating. Blog posts about the issue seem to be
siding with Microsoft, with many railing against Ormandy’s actions.