
Link Logger
MVM
join:2001-03-29
Calgary, AB

6 recommendations


MVP Summit Report

The MVP Summit Conference thus far.

Now the security stuff really doesn't get going till Wednesday for us, but I'll sum up Monday and Tuesday for everyone interested, or for that matter for general abuse.

Monday

Now I flew in Sunday afternoon and while I certainly have enjoyed spending some time playing with some technologies (Sharepoint guys using Wifi in our hotel now fear me), next Summit meeting I go to (and I do hope I get to go to another one), I'll be coming in Monday morning rather than Sunday, as Sunday/Monday was sort of a nothing day. Now I did get to meet with old friends, acquaintances and some otherwise, and I did thoroughly enjoy that and our raging discussions, but I'd rather have arrived on Monday and left on Friday.

So Monday was registration day, and an expo, but it was more an MVP expo than anything, where the groups were our MVP leads. Of course the Canadian MVPs rocked and everyone in our team got a red hockey jersey and no doubt Canadians have proven themselves to be by far and away the tightest group here and many would say loudest as well (CANADA, CANADA, CANADA!!!). We have a great MVP lead in Sasha and he has worked very hard to ensure his MVPs are informed and engaged all the time. I used to complain to Microsoft that Microsoft Canada wasn't connecting to its MVPs, but Sasha has changed all that big time, and now there are tons of opportunities to go in and help at a local and national level and he has been very helpful in connecting us to the people who can help. I'd say that Sasha is a lead in the same league as Emily, who was truly great.

One group that was at the expo that I did seek out, as I think they have an interesting product, was the micro framework guys (»msdn2.microsoft.com/en-u ··· 253.aspx ). A couple of years ago I was attending a special security summit at Microsoft and I missed my bus from the hotel to Microsoft's campus and jumped on the next bus thinking it was also going to our building. Was I wrong, as it literally contained a bunch of rocket scientists looking into microsystems for satellites and such. Interesting bunch to say the least, and swiping the bus afterwards was interesting as well, as I found out two things: first, the Microsoft campus is huge, and second, it's awkward to u-turn a bus on the freeway. Anyway, meeting this bunch then should have been a hint that Microsoft was entering this 'micro' space, and so when I saw the release of the Micro Compactframework ( »www.microsoft.com/downlo ··· ylang=en ) in February this year I was interested, as I think it has some potential (I'm really a software developer). For example I sometimes wear a Spot watch and I can use this framework to build software for it, and other embedded devices (I'm thinking medical is a huge area for this). So I wanted to spend a little time talking to them and I'm glad I did.

Monday night was the regional dinner, so everyone from the Americas had dinner together (think hundreds and hundreds of people). Dinner was nice, but frankly the MC, well, sucked; it's a tough crowd so maybe it wasn't all his fault. There were lots of other activities going on, but not being a gamer and such, mostly we talked with a number of people, which is what the Summit is mostly about for me, so that's great. We talked for so long we managed to shut the place down and catch the last bus out of Dodge (Dave did try to catch the second last bus out of Dodge, but his Olympic Sprint wasn't up to it). Monday night when I got back to the hotel, I spent some time watching the 'airwaves' around me and so I can safely say, perhaps we better get a security guy in to talk to the Sharepoint MVPs about safe usage of wifi.

Tuesday, of course I don't do mornings and I try to avoid them as much as possible, so breakfast is right out. Now I managed to get there to hear Bill Gates' keynote. The thing that really impressed me about his keynote was that after his speech he took questions from the audience, and his ability to listen and understand what people were asking was amazing. There were a number of people who asked questions that frankly didn't make any sense to me at all, a couple of them I figured must have skipped their meds or something, but Bill not only figured out what they were asking but gave answers that gave their questions real meaning with a real answer. I was impressed with his response to one question that someone had about cheap laptops for developing countries, and his response was that's not going to help, and why. All the geeks in that room (yes I'm one of them) can't imagine a day without technology, but he explained that in these countries computers and software will do nothing (at this point in time). There is no power, no teachers, no internet, no food, no health, no voice, etc, etc, and these are the areas that he is focusing on. Everyone in that room got it, that computers were not a fundamental requirement of life, and it really got everyone to think a bit about what the hierarchy of needs is and where we are and where the poor of the world are. Everyone got it that low cost computers were not the solution.

He talked about technologies that haven't lived up to his expectations, but that he is still hopeful will someday (things like tablets and natural language interfaces and such). He also mentioned that his goal wasn't to build the China wall, but that he would rather build the bricks (i.e. volume is always better).

One thing he said that somewhat bothered me was the idea that everything in the future will be customizable. So what content and everything you want will be your choice. Now while this sounds great, I sometimes wonder if we overlook the value of common bases of knowledge and/or experiences. I find it amazing that as communities become more connected, people become more physically isolated. We tend to know people half way around the world on a forum that we will never actually meet in person better than we know our neighbor. I sometimes wonder if our indulgence in 'self' comes at a cost of our 'social' needs; by this I mean humans are social animals and perhaps the cruelest thing you can do to a human is isolate them, but yet we self isolate ourselves via technology.

The rest of the day Tuesday was spent in classes which tended to reflect our other interests. So I attended a presentation on the Developer Division Roadmap. Now there was a time when I wouldn't touch a Microsoft development tool, as I could slay any Microsoft developer with Delphi, which was a much better language and IDE than anything Microsoft could offer. Since then two things have happened: first, Microsoft has gotten much better, VS2005 and C# are worthy; second, Borland keeps sliding further into the ditch, so I made the move over to C# some time ago for new development. The only thing that bothers me is the .Net Framework guys tend to be a step ahead of the development tool guys, meaning that there are things in the .Net Framework that are only marginally accessible from the development tools, and second the development tools guys are a step behind the OS guys (i.e. Vista had some things that didn't work well with VS2005). Now that said, the scope of the development tool guys is amazing. All the SDKs, interfaces and such are incredible. They showed some things with the Office 2007 SDK which were worthy and were clear evidence that the development tools now make things possible that we have long wanted.

The second presentation I went to was with Anders Hejlsberg, who is a very bright fellow (he came from Borland and Turbo Pascal and Delphi etc). Now I could spend a whole day listening to Anders talk about programming, but this presentation was on LINQ (»msdn2.microsoft.com/en-u ··· 594.aspx ), which in a few words is how to get rid of SQL programming and be able to truly treat data sources as objects. You should be able to treat a local XML file the same as a SQL Server database, as they are both simply data objects, and with LINQ you can. You don't need to know SQL to get data out of a database. In short Anders is pushing to get programming to be more of a 'what' than a 'how', as programmers have to spend so much time on 'how' that it's difficult to spend much time on the 'what' problem, and that is backwards in Anders' opinion, and frankly it makes sense to me as well. So LINQ is a way to drop from 'how do I get the data' to 'what do I do with the data'.

The last meeting of the day was 'What's new and cool in Windows Mobile 6'. Now I have one of the original USRobotics Palm Pilots and have been using a PDA ever since then. My first PocketPC was an HP 3850 in late 2001, as I could see that software development was much easier and better on a Microsoft device than it was ever going to be on a Palm device, and because of that Palm was doomed to lose out in that market space (and people thought I was nuts for saying that then). Now certainly I'll buy a Windows Mobile 6 device when the right one is released (I want a pocket pc model or whatever they call it now), but the focus of this release was on business and enterprise users and the next version will be more of a consumer focused release, but still there were some cool new features that I'd buy it for (I'm more an uber consumer user than business or enterprise user). I certainly hope that the hardware vendors up the memory space in these things, as the only complaint I have with my JasJar is I wish it had as much memory (or more would be good as well) as my old hx4700.

Tonight we went to the Museum of Flight at Boeing (»www.museumofflight.org). This is my favorite aerospace museum, even better than the Smithsonian National Air and Space Museum (»www.nasm.si.edu/ ), as you can get closer to the planes and such (now granted the NASM has a Messerschmitt 262 »www.nasm.si.edu/exhibiti ··· 106.html which has to have some of the most beautiful lines of any aircraft ever). Now of course being a bit of an aircraft aficionado I enjoyed taking my time going through the museum, but there were lots of other things going on, as no one chucks a party like Microsoft. There was a jam room for those that want to grab a guitar and rock out, a karaoke room that was just nuts, a gamer room, etc. Simply put, a good time was had by all, and if you didn't have a good time, then it's simply your fault, as Microsoft did everything they could including good food and beverages (and lots of them; there might be more than a couple of people feeling the pain tomorrow).

Now Wednesday is a heavy security day for us, so I should have a little more concerning security tomorrow.

Blake
Link Logger
MVM

You can read a transcript of Bill's talk here:

»www.microsoft.com/pressp ··· mit.mspx

It was brief in the sense it wasn't an hour long as the idea was to use the time for Q&A, which isn't part of the transcript.

Blake

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

1 edit

1 recommendation

Name Game to Link Logger
Excellent report, Blake. Thank you very much. Keep them coming when you have time. I will be reviewing it all day to digest all the info.

OT
One of the guys from Sharepoint called to ask if you put this on his desktop/laptop?

Link Logger
MVM
join:2001-03-29
Calgary, AB

3 recommendations


Wednesday Report

Busy, busy day and no doubt I have forgotten a ton of details already, but it was an excellent day in that I learned a ton as well. These classes were short and sweet and highly technical (no marketing guys allowed anywhere within 25 miles of these discussions). So after an Executive Discussion with Lori Woehler we Russ

Bit Locker Encryption - Russ Humphries

Wow, what a way to start the morning off, as this guy has this stuff down cold, as perhaps he should, being he is Senior Product Manager, Windows Vista Security. So what happens if someone gets hold of your laptop? They try to boot it up and, hey, good for you, you have a password that stops them from logging in, or otherwise starting your computer and getting the data. So what is Mr. Bad Guy going to do? Well, they are going to yank the disk and plug it in as a secondary drive on another system, or otherwise use another OS to boot and then read your drive. If you are using Bit Locker, oh so sad, too bad, that will not work and your data is still very safely encrypted. This is about a BIOS/hardware based encryption scheme that definitely raises the bar to somewhere that most hackers (and a lot of world governments) are not going to reach. The best part of this discussion was the why this can't be done with smart cards, as it requires a fudge factor to pass the key from the 'mini' OS that starts the system to the main OS that is the system, and that this 'passing' isn't as safe as how Microsoft currently has it (i.e. the Smart Card vendors have some house keeping of their own to do first before Smart Cards become part of the disk encryption plan). Russ did a hell of a job on this topic and even included some discussion as to what can be done when you forget or otherwise lose the 'password' (when you set this up, it will want you to save a backup key and it's up to you to save it somewhere). Ultimately this does hugely increase your security from prying eyes but does become a key management issue (i.e. don't keep the boot up USB key in your bag with your bit locker protected laptop, as well as management of the backup keys). Ultimately this was very cool.

Security - NAP - Amith Krishnan

Another Senior Product Manager who knows his stuff. NAP is Network Access Protection, which is basically how do I keep infected or otherwise 'bad' systems off my network where they can do damage. This is really about levels of confidence that a system is in fact healthy and can be allowed to connect, or how it can become healthy enough to connect (i.e. it's fixed before it can join the network). The part that was interesting here is that it really is easy to deploy and will be coming soon to a network near you. If you have traveling laptops, rejoice, as some serious help is on the way with NAP.

Wireless Security - Shawn Travers

This session didn't go as well as I would have hoped. Wireless Security is relatively simple in that you use WPA, don't turn off SSID broadcasting, etc, etc, but there are some things to be aware of, such as how the connecting client proceeds down the list of access points to try and such. I had wanted this to go into things like Bluetooth and such, as there are real issues in wireless security, but our group just couldn't hit its stride in the time we had.

Security - MSRC/PSS

Sorry, missed this one, as I was out discussing social implications of the internet. Great discussion with an actual Doctor of Psychology.

Security Compete - Jeff Jones

OK all you Linux and Apple guys, run and hide, put your fingers in your ears or otherwise start your denial engines and crank them up to full power. Jeff is an interesting guy, as it is his task to compare where Microsoft is at compared to other OSes. Having done something similar in the past I understand the difficulties of comparing OSes in terms of exploits and such, and frankly I'm comfortable that he really is trying to make a fair comparison, but I'm still betting that Apple, Linux and everyone else on the planet would love to kill him, as he is a threat to their false little worlds that they are 'safer' than Windows. Bzzzt, oh so sorry, but they are wrong; please see »blogs.csoonline.com/janu ··· corecard for more.

Card Spaces - Nigel Watling

Again another good discussion, but I've been hearing about Card Spaces for some time now; let's get them out there and start using them. Now this just isn't Microsoft's thing, as it's the whole industry that has to make this happen. In short Card Spaces are about identity; for more see »msdn2.microsoft.com/en-u ··· 320.aspx

Vista Security - Mark Russinovich

Few people know how an OS works like Mark, and it is a real pleasure to hear someone like this who is as smart as he is (PhD Computer Science), but still is so hands on (or more so deep inside the guts) of the OS. His topic today was UAC and what it does and how it does it. Now let me give you a piece of his advice: don't turn off UAC yet, as once you finish poking around Vista (and hence getting annoyed at all the UAC popups) and start to get into a regular routine, UAC becomes less of a problem for you. Also, while you can run as Admin (Vista treats admins as Clark Kents until they have to change into their Superman Admin suit), run as a regular user, as that was the purpose of UAC, and log into an Admin account only when you're doing Admin type work, and when you're done log back into your regular user account. If you want to learn more then check this out, as it is very much what was presented today: »blogs.technet.com/markru ··· 372.aspx and for his blog see »blogs.technet.com/markru ··· ult.aspx

Now there is a 'security' topic that I'm very concerned about right now and it's one of my driving factors to be here, and I think I managed to drive home that perhaps Microsoft isn't doing as well as it could or should be doing, and that is in the area of parental monitoring of children. I've done the MSN Premium thing, the Family Security thing with Live, and today I think I made my point that even Vista has some outstanding issues that need to be fixed; in short Microsoft has issues or is coming up short in every implementation of parental monitoring features and functions. Shawn Travers is a Microsoft Evangelist and so he tried some of these things which he thought would work and also found it 'lacking', and I think he will help me find who is responsible for this in Vista and demonstrate to them these issues so they can fix them. So I'm feeling good about this in that I think the point has been made and the wheels will be set in motion to fix the problems, as I think that Shawn 'got it' and understands why it's very important to get this right and soon. So I think I made some real progress today in terms of getting what I think is an important issue elevated a bit in Microsoft's grand scheme of things.

It's 3:30 AM again so it's time to get some sleep, as it's a long day and I'm flying home late Thursday night, so I'll leave this as is tonight and hope that it gives a bit of an idea of what happened today and where to find some additional information on the topics we heard about, in case anyone is interested in learning more. I know I am.

Blake

bluezanetti
Premium Member
join:2003-10-04
said by Link Logger:

...frankly I'm comfortable that he really is trying to make a fair comparison, but I'm still betting that Apple, Linux and everyone else on the planet would love to kill him, as he is a threat to their false little worlds that they are 'safer' than Windows. Bzzzt, oh so sorry, but they are wrong; please see »blogs.csoonline.com/janu ··· corecard for more.
Blake,

At least my own simple metric, and I know a number of individual users in each camp, is that I've never seen an end user on OS X or Linux as thoroughly compromised as a Windows user, never. I realize part of that is infection opportunity, but a fair amount is related to fundamental design and implementation decisions and MS still appears a bit behind the curve.

Blue

norwegian
Premium Member
join:2005-02-15
Outback

1 edit

1 recommendation

norwegian to Link Logger

said by Link Logger:

Now there is a 'security' topic that I'm very concerned about right now and it's one of my driving factors to be here, and I think I managed to drive home that perhaps Microsoft isn't doing as well as it could or should be doing, and that is in the area of parental monitoring of children. I've done the MSN Premium thing, the Family Security thing with Live, and today I think I made my point that even Vista has some outstanding issues that need to be fixed; in short Microsoft has issues or is coming up short in every implementation of parental monitoring features and functions. Shawn Travers is a Microsoft Evangelist and so he tried some of these things which he thought would work and also found it 'lacking', and I think he will help me find who is responsible for this in Vista and demonstrate to them these issues so they can fix them. So I'm feeling good about this in that I think the point has been made and the wheels will be set in motion to fix the problems, as I think that Shawn 'got it' and understands why it's very important to get this right and soon. So I think I made some real progress today in terms of getting what I think is an important issue elevated a bit in Microsoft's grand scheme of things.

Blake


Thanks for an entertaining read. I read last year's, and even though most is out of my league, I am glad you brought up this point. If the internet and computers in every household are the future, we do not need our children's future obscured by the low life that swarm out there looking for victims.

dave
Premium Member
join:2000-05-04
not in ohio

1 recommendation

dave to Link Logger
Thanks for writing my trip report!

NanDog
The Pup Was Female, I'M Not
Premium Member
join:2003-12-28
Bremerton, WA

1 recommendation

NanDog to Link Logger
Blake, even though much of your report is way out of my league (not to mention the limited 'puter information my poor old head understands), I do so much appreciate your posts about what you experienced. It gives us normal folks a little more understanding about the world in which you real geeks exist!

As it's now Thursday night, I wish you a safe flight home!

NanDog

Link Logger
MVM
join:2001-03-29
Calgary, AB

Link Logger to dave
said by dave:

Thanks for writing my trip report!
Now that I'm back in Calgary, I'll add the last day of the MVP Summit hopefully Friday night as I suspect you will want the full report to give to your boss.

Blake

NICK ADSL UK
MVM
join:2004-02-22
united kingd

1 recommendation

NICK ADSL UK to Link Logger
Many thanks, Blake, for your reporting from this year's 2007 MVP Summit. It sounds like you all had a good time there. Hopefully when everyone's back safe and sound, and of course rested, a few snaps would be nice to see, if any of the team have taken any.

Steve
I know your IP address

join:2001-03-10
Tustin, CA

2 edits

5 recommendations

Steve to Link Logger
Every year I write up one of these trip reports as well, but this time circumstances conspired against me. Several very serious customer issues arose while I was travelling, plus a serious illness of a family member back at home (guilt guilt guilt for leaving), really made it hard to get fully immersed into the Summit.

As usual, Microsoft did a tremendous job taking care of us, which (by proxy) is taking care of their customers.

I wore my Linux "tux" lapel pin right next to my MVP pin, and (as usual) was well received. The usual good-natured ribbing, but I have never even once gotten the slightest hint of real pushback.

The regional dinner on Monday was nice: the food was excellent, and I got to meet some of my MVP friends outside the security specialty that I knew online, but would never run into otherwise - it was a huge crowd. But, as Blake suggested, the emcee for the night was badly matched to the crowd, and it took about 30 seconds for me to realize it was not going to go well for us tonight - it was very painful. I addressed this threat with frequent trips to the bar to the point of overcompensation :-)

We managed to get a group photo (from the professional photographer there) of all the DSLR MVPs who were there, and at some point I'll figure out how to retrieve it and post.

Tuesday was a very rough day for me: horribly serious meltdowns at two customers, very poor wireless to be able to address it, and I was completely preoccupied all day - really just sick about it.

I did catch most of Bill's talk, and though he's an amazingly insightful guy, it was certainly more dry than the usual Steve Ballmer fare. Steve B is a fantastic speaker, and I missed his not speaking.

There was a substantial Q&A session, and it's clear that a lot of MVPs think that question time == speech time. Last Summit I asked all the executives one simple question: "Are you an administrator on your own desktop", but Vista makes this question less interesting. Had I not been so preoccupied, I would have asked "What happened to 'spam problem solved in two years'?" Oh well.

In the afternoon I did catch parts of the Longhorn Server directions talk, and one on SQL Server, but I was in the throes of horrible meltdowns. It was an awful afternoon - Tuesday was mostly lost to me.

The Museum of Flight in the evening was really tremendous. It's at Boeing Field, and it's a huge place. I was commenting with somebody as I went in: "Too bad they don't have a Blackbird", and the reply was "They have two". You really can touch an SR-71. Wow!

A huge spread, all the MVPs were there, and even though I am not really a museum type, I found plenty to enjoy. I could certainly take a whole day going through this place.

The food was good (though not nearly as good as at the regional dinner), but the bars were all properly stocked. I still had my nightmares on my mind, so left a bit early and tried to attend to them back at my hotel.

Turns out I could not get wireless in my room, the Ethernet didn't work, so the only thing I could do is camp out in the hotel bar and get a weak wireless signal from some other place in the hotel. 10% packet loss makes remote desktop tunneled through SSH very painful.

By Wednesday, my nightmares were more under control so I was able to attend the sessions, and I managed to take good notes on a few of them.

I got interrupted a lot during the BitLocker (drive encryption) talk, and this really disappointed me because I wanted to really understand this with respect to the TPM (Trusted Platform Module).

I know that TPM is controversial, and I am sure that there are things it's used for that I'd not be happy with (lots of the DRM is probably that way), but the ability to well and truly crypt a drive is both an important and a hard problem when you look at all the angles.

Hint: the consumer/home laptop is not the hardest problem, it's the enterprise where you really do need key recovery and the like. Sadly, I did not manage to take any notes on this.

Longhorn Server Security & NAP

This was a useful talk that mostly addressed NAP - Network Access Protection - which I have been interested in for the last coupla Summits. It addresses (among other things) the problem of the idiot sales VP bringing his infected laptop to work and hosing the corporate network: why attack the firewall when you can just send your malware in via diplomatic courier?

When the idiot VP connects up, he gets an IP address that gives access to a very limited set of resources (certainly not the whole network).

A System Health Agent on his laptop presents a Statement of Health: my A/V is this much up to date, scan last run on $DATE, patched up to this level, etc., and a server compares that with policy. If the system is "healthy" - as defined by the network admin - it's given access to the rest of the network.

If unhealthy, then the network access is widened slightly to allow access to a Quarantine Server - here it receives remediation services. Here's this patch, here's that A/V update, please try again.

The machine submits a new Statement of Health, and the process runs again.

The interesting question came up about access to the System Health Agent API: it's available only under NDA. The problem with asking a remote system "How healthy are you?" is that it's possible for it to lie, and it strikes most of us as plausible that malware may attempt to spoof the health checks.

In this respect, NAP is not a hard-core security boundary, but merely an attempt to make the problem better. I really like it.

We asked about dealing with unmanaged devices: you have an HP printer on the network that's obviously not capable of engaging in these health-check dialogs, and it wouldn't be so hard for a bad guy to unplug the printer and jack in a laptop with the same IP. How do you fix this? "It's a hard problem."

They deployed NAP fully to the Microsoft campus, and found it went incredibly smoothly. I would not have expected this to go so well, so this is a good sign.

They talked about using IPSec for server and domain isolation, and though they are interesting, it's mainly only so in an enterprise environment.

What I was really excited about, both in Vista and Longhorn Server, is VPN Routing Compartments.

Essentially: each network interface and user session can have its own routing table, so when Dad is logged in with the VPN to work, the kids (logged in via their own accounts) do not have access to those VPN routes and can't infect the corporate server by whatever crap they are downloading.

This is in Vista now, and I love it. I'm curious to see how it's implemented (I've never heard of this kind of thing for Linux).

This was all part of the complete rewrite of the IP stack, and others have commented that this is going to open the door for a new round of bugs. This is probably true, in the sense that new code is less reliable code, but to accomplish what they wanted to do, a clean slate was probably necessary.

Windows CardSpace

I had never heard of this before, and was really intrigued. This is about the identity metasystem, and the oversimplified description is that it's vCards for websites.

You can have personal cards that you create, or managed cards issued by a business or organization, and they're all containers for personal information.

Example: you visit a website and wish to log in. If the website supports CardSpaces, you click the proper button and your browser brings up a list of your cards - you can pick one to send, and it provides whatever information is included.

The request for a CardSpace includes a list of things it wants, and it can include both required and optional components. "Name" and "Email address" might be required, while "city, state, gender, date of birth" could be optional, and the selector only shows cards that satisfy these requirements.

Your personal card includes whatever you care to provide, but a company-issued card (which might include your employee number, signed by the issuer) may well be what's required to provide you access to company websites.

There are all kinds of provisions to give you complete control over which data you send, how this solves much of the phishing problem, and it addresses all kinds of other problems of secure identity provision.

I am doing it a disservice by describing it poorly: better to read about it yourself - example ref here:
http://msdn2.microsoft.com/en-us/library/aa480203.aspx

User Account Control

This was given by none other than Mark Russinovich, formerly of SysInternals and now of Microsoft. He used to be an MVP, so was well acquainted with us :-) He gave a great presentation.

Note: I have not used Vista yet and don't have any direct experience with UAC.

Most of the experiences with UAC are in those prompts, but it's really interesting to see what goes on under the hood - there is a lot of virtualization that makes it possible to run poorly-written software in a safe way on Vista.

Virtualization of the filesystem and the registry are two key parts: if an application is running in virtualized mode, then write access to key areas is put in a per-user area rather than attempting to modify system-wide data.

%ProgramFiles%
%AllUsersProfile%
%SystemRoot%
%SystemRoot%\system32

Attempts to write to these are redirected to %YourUser%\AppData\Local\VirtualStore\$PATH, and it's all transparent to you.

As a non-admin user, you could get to a command prompt and go to the C:\Windows directory, and attempt to create a file there. Let's see how it works on XP:

Start » Run » cmd:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\steve>cd \windows

C:\WINDOWS>echo hello > test.txt
Access is denied.

C:\WINDOWS>
This is as it should be.

But in a Vista executable that's running with virtualization, this succeeds, but (without our knowing it), the write is redirected to a private virtual store under your own user profile area.

If, in the C:\windows directory, you attempt to "dir *.txt", you'll see the file as if it really was in that directory.

The virtualization flag is settable in Task Manager, so your command window example can toggle this on and off - we could see the access-denied message when he disabled it.

Similar virtualization applies to HKEY_LOCAL_MACHINE\Software and a few other obvious locations.

I didn't get good notes for this, but they had a handful of other AppCompat-like settings for how to fake out an application that really insists on running as an admin - the one that comes to mind is lying to the app about whether the user is part of the administrator's group or not.

This is necessary for that poorly-written application that checks for group membership rather than access to the actual resources involved, and this fooler mechanism helps get around it.

They also support the notion of process Integrity Levels, which limit how two processes can interact. A low-integrity process (like IE) is not allowed to do "stuff" to a higher integrity process: this includes things like write memory, send certain kinds of window messages, and other mechanisms of interprocess control.

This means that even if IE is compromised, it limits what the bad stuff can do. The whole notion of integrity levels is kinda complicated (but comes from classic security compartmentalization), and looks to be a really good effort.

Mark urged us not to turn off the UAC prompts: when you get Vista, you're going to do lots of knob-turning for the first few weeks, and this overemphasizes the view of what the long-term experience will be. Once it settles down, you'll get many fewer prompts, and it should be a lot more manageable.

Unfortunately, I haven't tried any of this yet, but considering that I run as non-admin on my own XP desktop (and have been for years), I'm confident I'll keep the UAC prompts when I finally dive in.

----

This marked the end of the day's sessions, so we headed off to the Microsoft Company Store for some booty, and then to the platform dinners that evening.

It was just the Security MVPs, and seemed kinda lightly attended by Microsoft people. The food (and white wine) ran out early, but I did get to two-step with CalamityJane - that's always a pleasure. She's such a sweetie.

----

Friday morning I was only able to attend one session, on Windows Defender, but it was entirely Q&A and I didn't keep any notes. The presenter was very good, and he touched on lots of issues of A/V comparisons and how the Microsoft anti-malware offerings didn't score so well.

He made the case that some of the comparisons weren't entirely fair, but others were and he said it was a big wakeup call for them. I bet :-)

At that point I hopped in a cab with dave to the airport and headed home.

Whew.
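
As an added example (my own, not from Steve's notes or from Microsoft), here is a PowerShell audit of what UAC virtualization has redirected for the current user: it walks the VirtualStore and maps each entry back to the protected path or HKLM key it shadows, which is how you find the legacy programs on a box that are still relying on this redirection. It assumes the default store locations used since Vista, %LOCALAPPDATA%\VirtualStore for files and HKCU\Software\Classes\VirtualStore\MACHINE for the registry.

```powershell
# Added example, not from the original post: list what UAC file and registry
# virtualization has redirected for the current user. Every entry under the
# VirtualStore shadows a protected location (%ProgramFiles%, %SystemRoot%,
# %AllUsersProfile%, HKLM\Software, ...), so the output is effectively a list
# of programs that still expect to write where only admins may.
# Assumption (not stated in the post): the default Vista-and-later store paths.

$fileStore = Join-Path $env:LOCALAPPDATA 'VirtualStore'
$regStore  = 'HKCU:\Software\Classes\VirtualStore\MACHINE'

function Get-VirtualizedFiles {
    if (-not (Test-Path -LiteralPath $fileStore)) { return }
    Get-ChildItem -Path $fileStore -Recurse |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            # The store mirrors the protected path minus the drive letter:
            # ...\VirtualStore\Windows\test.txt shadows C:\Windows\test.txt
            $relative = $_.FullName.Substring($fileStore.Length).TrimStart('\')
            $real     = Join-Path $env:SystemDrive $relative
            New-Object PSObject -Property @{
                ShadowedPath = $real
                # True means both copies exist and a virtualized process
                # silently reads its private copy instead of the real file.
                RealExists   = Test-Path -LiteralPath $real
                VirtualPath  = $_.FullName
                LastWrite    = $_.LastWriteTime
            }
        }
}

function Get-VirtualizedRegistryKeys {
    if (-not (Test-Path -LiteralPath $regStore)) { return }
    Get-ChildItem -Path $regStore -Recurse | ForEach-Object {
        # HKCU\...\VirtualStore\MACHINE\SOFTWARE\Foo shadows HKLM\SOFTWARE\Foo
        $marker   = '\MACHINE\'
        $relative = $_.Name.Substring($_.Name.IndexOf($marker) + $marker.Length)
        New-Object PSObject -Property @{
            ShadowedKey = "HKEY_LOCAL_MACHINE\$relative"
            ValueCount  = $_.ValueCount
            VirtualKey  = $_.Name
        }
    }
}

"Files redirected by UAC virtualization (newest first):"
Get-VirtualizedFiles | Sort-Object LastWrite -Descending |
    Format-Table ShadowedPath, RealExists, LastWrite -AutoSize

"Registry keys redirected by UAC virtualization:"
Get-VirtualizedRegistryKeys | Format-Table ShadowedKey, ValueCount -AutoSize
```

Run it as the standard user whose profile you want to inspect; a file whose ShadowedPath does not exist is the "dir *.txt shows it anyway" case from above, visible only to virtualized processes.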

CalamityJane (Premium Member, join:2002-08-27, Eustis, FL)

Steve and Jane - working hard (not)
Mark Russinovich
Good one of Blake at least
Tashi, Sean O'Driscoll, Jane
Got a few pix I can post (all are not in yet or I don't have permission for all in some of the group shots)

Sean O'Driscoll is:
General Manager, Customer Service and Support Community and MVP at Microsoft

Name Game (Premium Member, join:2002-07-07, Grand Rapids, MI) to Link Logger
Super..wide awake smiling faces

Link Logger (MVM, join:2001-03-29, Calgary, AB)
said by Name Game:

Super..wide awake smiling faces
I don't think I managed to get more than 3 hours of sleep any night I was in Seattle. Normally I'm a stay up really late (3:30 - 4:00 am or later), and sleep till about 9:00 am, but here you have to get up early too so by the end of the week, I was a bit of a wreck. When I flew home I don't think I lasted more than 30 seconds after take-off and I was sleeping like a baby, and had the pilot not stuck it so hard on the landing (I thought he blew a tire), I would have slept through the landing (wouldn't have been the first time, worst way to wake up in the world, sleeping through a landing and then having the pilot jump all over the brakes and thrust reversers such that you slam face first into the seat in front of you as for that moment of wake-up haze you're not sure if you have landed or crashed).

Blake
Link Logger (MVM)

Defender

Unfortunately I missed most of it as I had to check out of the hotel in the morning and then got caught in some traffic, sorry.

ForeFront

We had two talks next on ForeFront, which is interesting and I can think of a number of companies that I currently deal with that would benefit hugely from ForeFront. ForeFront isn't just another anti-virus, it is so much bigger than that. Think of what you would want from a security tool: you want protection on various levels (clients, servers, edge) all working together and with reporting so you could monitor not just a system, but your whole environment. Frankly if you're a company that is feeling a little unorganized about your security and monitoring systems then you need to take a look at Forefront starting here »www.microsoft.com/forefr ··· ult.mspx

Security in IE 7

Some areas, as by now I was starting to crash, but it was an excellent presentation

Virtualization

- IE runs under least permissions and, since a Low process lacks the privilege to write to most locations in the file system and registry, the File & Registry Compat Shim virtualizes some common file system folders and registry keys. Those file and registry locations are redirected to per-user Low-integrity virtual locations where they can't affect the real versions. The virtualized file system is in the Temporary Internet Files, the same general place IE caches web files. If an add-in attempts to append to an existing file, the shim applies a 'copy-on-write' approach, first copying the file to the corresponding virtual location, with the actual append happening only to the virtualized version. If the add-in attempts to read a file and both a real version and a virtualized version exist, the shim makes the add-in read the virtualized version. The shim does not otherwise affect reads. Registry virtualization works similarly. Note that Vista's UAC virtualization does not apply to Protected Mode; if an add-in attempts to write to sensitive areas, the write will not be redirected and it will just get an Access Denied error.

This hidden section is for Dave's boss as I'm sure he would like to hear about how we had to bail Dave out of jail. I'm still not sure what the charges were as I'm still trying to figure out the cantaloupes in the back alley behind the hotel part, as once they read over that part of the charge, I'm afraid I was either too confused to understand the rest of the charges or my brain went into weirdness prevention shutdown mode. Now of course I'm just kidding, and David was a lot of fun to hang out with and a good security guy to boot, but this would be an example of why you should read over something before you submit it to your boss.

Phishing
- Phishing sites list is maintained by Microsoft and is fed by community involvement, meaning you can submit sites to them and they will check them out and add them to the list if they are phishing sites. The other thing is consistent use of colors and symbols to indicate questionable or evil sites.

Zones
- used to limit what can be done in each zone, plus isolation in that things can't cross zone boundaries so cross scripting and such will not work. Learn these and get used to them and they will help you to get the most from your browser environment at the least risk.

Vista
Works better and safer in Vista than, say, XP, as in Vista IE takes advantage of the OS security features which are missing in XP.

Thursday afternoon was a lunch and another trip to the Microsoft Store which ultimately didn't go very well, in the sense that someone forgot to mention something to our newbie Security Lead, but I'm sure that it will all work out in the end.

After that we had a security party, now again I wish someone would have remembered the 'Bellevue' part when they told me this party was downtown, so I thought I'd leave my luggage at my hotel in downtown Seattle as I had to leave the party early in order to catch my plane. So I thought I could hit the party, zip over to my hotel and then head to the airport; as it turned out I hit the party, got caught in traffic heading for downtown Seattle from Bellevue to get my luggage and then had to beam it from there to the airport ($80 cab fare for the full trip). Fortunately the cabbie was excellent and I made it on time. But I was also sorry I had to leave the party early as there were some great door prizes and they had a once world highly ranked pool player do some trick shots and such for us. This guy was incredible as I couldn't even arrange the balls like he was (imagine stacking balls vertically!). In the end I was sad to leave as I really enjoyed the conference, I got to meet lots of people, both old friends and new from all over the world, and I got to learn lots, what could be better.

Blake
Link Logger (MVM)

As I mentioned I forgot my camera so I don't have any pictures, but here is a spectrum analysis from inside the Microsoft Conference Center, can you get which channels are in use? Note there are a 'high' number of wifi users as you can imagine.

Blake

NICK ADSL UK (MVM, join:2004-02-22, united kingd) to CalamityJane
Some nice photos there JANIE and so glad you all seemed to have a good time. And Blake you sure look good on three hours sleep. Welcome home folks
astirusty (Premium Member, join:2000-12-23, Henderson, NV) to Link Logger
said by Link Logger:

Security Compete - Jeff Jones

... oh so sorry but they are wrong please see »blogs.csoonline.com/janu ··· corecard for more. ...
The charts would be more meaningful (or to the point) if the charts reflected both fixed and un-fixed vulnerabilities. One could view the charts as indicating that Microsoft does not fix vulnerabilities as well as others do.

Name Game (Premium Member, join:2002-07-07, Grand Rapids, MI) to Link Logger
said by Link Logger:

This hidden section is for Dave's boss as I'm sure he would like to hear about how we had to bail Dave out of jail. I'm still not sure what the charges were as I'm still trying to figure out the cantaloupes in the back alley behind the hotel part, as once they read over that part of the charge, I'm afraid I was either too confused to understand the rest of the charges or my brain went into weirdness prevention shutdown mode.

Blake
It is still being investigated since a few have not yet made it back from the Summit. I am sure Dave will be cleared once they calculate the trajectory at Carnegie Mellon.

ht tp://www.youtube.com/watch?v=5OQfUOXDHLQ
astirusty (Premium Member, join:2000-12-23, Henderson, NV) to Steve
said by Steve:

User Account Control
Mark urged us not to turn off the UAC prompts: when you get Vista, you're going to do lots of knob-turning for the first few weeks, and this overemphasizes the view of what the long-term experience will be. Once it settles down, you'll get many fewer prompts, and it should be a lot more manageable.
This is one of the places where I see the whole Vista security model failing. It is one thing for MS to ask MVPs not to turn off UAC and deal-with/understand the prompts and security implications -- It is an entirely different matter for MS to ask and expect that from their majority customer base.
Vista may be very secure when set up and run by experts, but the majority of Vista users are far from experts.

MS might really benefit by having meetings with regular users (non-MVPs) whereby MS's key executives, managers, developers, and engineers get asked real world questions from their majority customer base.
As in some of the security questions that are asked in this forum.
astirusty (Premium Member) to Steve
said by Steve:

Last Summit I asked all the executives one simple question: "Are you an administrator on your own desktop", but Vista makes this question less interesting.
Hmmm, from the UAC perspective of Vista this sounds like an interesting and very applicable question. Maybe a little too "loaded" to be asked?

I often wonder if those making claims of how reliable and easy MS Windows XP or Vista is to use -- run more than just a few MS applications or really do their own administration.

Name Game (Premium Member, join:2002-07-07, Grand Rapids, MI) to astirusty
said by astirusty:
said by Steve:

User Account Control
Mark urged us not to turn off the UAC prompts: when you get Vista, you're going to do lots of knob-turning for the first few weeks, and this overemphasizes the view of what the long-term experience will be. Once it settles down, you'll get many fewer prompts, and it should be a lot more manageable.
This is one of the places where I see the whole Vista security model failing. It is one thing for MS to ask MVPs not to turn off UAC and deal-with/understand the prompts and security implications -- It is an entirely different matter for MS to ask and expect that from their majority customer base.
Vista may be very secure when set up and run by experts, but the majority of Vista users are far from experts.

MS might really benefit by having meetings with regular users (non-MVPs) whereby MS's key executives, managers, developers, and engineers get asked real world questions from their majority customer base.
As in some of the security questions that are asked in this forum.
Hogwash..it is a new technology..it will give the user one more layer of Security in Vista..and if they turn it off Vista will still be more secure than WinXP for so many more reasons than just this UAC.

Even when Microsoft made moves to make WINXP PRO more secure with SP2.. and then came out with protection features in IE7..the "user" you are talking about turned off or disabled everything they could find that hindered them from downloading and installing every piece of junk they could find on the net and then continued to cry foul each time they had to hit a HijackThis cleaning site, do an online scan since they did not want to be hindered with a firewall or a third party AV product, or reinstall the OS.

Steve ("I know your IP address", join:2001-03-10, Tustin, CA) to astirusty
said by astirusty:
said by Steve:

Last Summit I asked all the executives one simple question: "Are you an administrator on your own desktop", but Vista makes this question less interesting.
Hmmm, from the UAC perspective of Vista this sounds like an interesting and very applicable question.
I have zero experience with Vista, and at the time of the exec day I did not really even have a handle on the various ways to run as a Vista user - I could not have framed a proper question.

I have since gotten a better handle on this and probably would have asked "Do you have UAC enabled" or "Are you running in Admin Approval Mode".
Maybe a little too "loaded" to be asked?
I can assure you that MVPs are not shy about asking much more difficult questions than this - I would have not had the slightest hesitation about asking this question had it occurred to me at the time.
I often wonder if those making claims of how reliable and easy MS Windows XP or Vista is to use -- run more than just a few MS applications or really do their own administration.
I wonder if I qualify? I've found XP/SP2 to be by far the most stable Windows release ever.

Before XP/SP2 (Win/386, WFW3.11, NT 3.51, NT4, Win2000, XP), I had to reload my OS about every 9 months, because I have an incredibly wide variety of applications to support my various customer projects. It was always a three-day reload-fest once something got dorked (which is beyond human capacity to repair), and I hated it.

But I have not had to do this since I installed XP/SP2, several years ago. I'm reaching that point, however, as I am now running into dorkage I can't debug, but that's a looong time for a Windows box with as much odd activity as I have on mine.

And I have not been an admin on my own workstation since SP2.

Steve
Steve to astirusty
said by astirusty:

This is one of the places where I see the whole Vista security model failing.
I am still open to UAC not being the right solution to this problem, but I believe that the underlying driver to this is the fundamental tendency of users to install stuff they should not.

That is not a weakness in the OS, but a weakness in the user, and the very usability that makes the system so wildly popular contributes to its very insecurity. That grandma can use the system without being an expert means that you have to build a system that doesn't require an expert.

What would you suggest instead?

Steve

Link Logger (MVM, join:2001-03-29, Calgary, AB)

I got in right at the end of the Defender discussion and one person was commenting that his kids didn't know how to respond to Defender prompts, so I made a suggestion: why not be able to configure Defender to perform the 'safe' action by default and not ask the user anything, just tell them. So for users where I trust Defender to make the correct safe decision more so than the user, I would enable this feature; for others, let Defender ask and let the user decide. I mean as these technologies get better, why not let the application make the safe call, what is the worst that can happen, my kids complain to me when I get home that application xyz wouldn't install, which is better than having to come home to an infected system.

Blake
Link Logger (MVM) to astirusty
said by astirusty:

The charts would be more meaningful (or to the point) if the charts reflected both fixed and un-fixed vulnerabilities. One could view the charts as indicating that Microsoft does not fix vulnerabilities as well as others do.
You might want to keep checking that site as there might be something in the near future that would include information about that.

Blake
astirusty (Premium Member, join:2000-12-23, Henderson, NV) to Name Game
said by Name Game:

Hogwash..
Oh Pig-bathe! Read some of the Vista reviews, where the reviewer got fed up with UAC nagging queries and either turned off UAC or went into click-accept-n-forget mode. Then realize your average Windows user is going to be worse.
said by Name Game:

... the "user" you are talking about ...
The user I am talking about is your majority Windows user. Brain-fried, computer naive, and filled with marketing B.S. about how safe and secure PCs are. You know, the ones who keep the "Bot Nets" well stocked.
astirusty (Premium Member) to Steve
said by Steve:

What would you suggest instead?
User initiated modifications to the OS directory (as in C:\windows) should require entering a special mode, one that goes beyond click cancel/accept.** The requirement forces several things: 1) Users have to stop and think if the modifications are worth the inconvenience. 2) The OS is protected from on-the-fly modifications. 3) Forces 3rd-party software vendors to re-write their software so it does not require modifying anything in the OS directory. (#3 would be promoted by #1)

**I believe I posted something similar here - some years back. It went along the lines of a complete separation of MS OS, MS applications, trusted/registered 3rd-party applications, and status-unknown applications with regards to separate directories, different executable permission levels, and user capabilities for installation, and mode of operation required for installation. Went over like a lead brick because of the suggestion of "registered" 3rd-party apps.

Name Game (Premium Member, join:2002-07-07, Grand Rapids, MI) to astirusty
said by astirusty:
said by Name Game:

Hogwash..
Oh Pig-bathe! Read some of the Vista reviews, where the reviewer got fed up with UAC nagging queries and either turned off UAC or went into click-accept-n-forget mode. Then realize your average Windows user is going to be worse.
said by Name Game:

... the "user" you are talking about ...
The user I am talking about is your majority Windows user. Brain-fried, computer naive, and filled with marketing B.S. about how safe and secure PCs are. You know, the ones who keep the "Bot Nets" well stocked.



Let's get a few things straight. Any "well stocked bot nets" out there (and many do exist on computers and servers that do not have an operating system from Microsoft, contrary to popular belief), if on Microsoft OS systems and PCs, are where the user refuses to update their Microsoft software or they can't because it is pirated in the first place and they know it.

Now all those bloggers can keep on slopping the hogs out there all they want to those that did not have the sense to update XP to SP2, much less run as limited users from the get go, which not only made sense but was crucial to their survival from the Butcher.

The effort it takes to get rid of UAC on Vista is not like brushing your teeth. Any developer who codes for Vista better learn how to sell their proggies without running as admin and keep their cotton pickin' hand out of the kernel.
That is the real issue...no matter how others try to hype it.
***************************************

»blogs.msdn.com/uac/archi ··· 165.aspx

"Sometimes I feel like a doctor who keeps telling their patient to quit smoking. Or the parent who keeps telling their kid to use their bike helmet or seat belt.

I normally tend not to blame the user, though. It's not like they have a choice sometimes. Too much garbage out there requires admin access just to run. That's what really needs to change, and if it takes an annoying UAC prompt to do it, well, too bad. This is Microsoft's OS. You want to develop for it, you develop by their rules.

Vista Team: Don't bend to public pressure. You're in a unique position to dictate the new terms of desktop computing, and finally force PC security to evolve. Let the Linux and MacOS X fanatics whine and moan; after all, you're just practicing what they were preaching for the past decade. And let the users whine and moan, too; they will make developers fix their garbage or go out of business by ignoring them.

non-admin blog

»blogs.msdn.com/aaron_mar ··· nts.aspx

***************************************
astirusty (Premium Member, join:2000-12-23, Henderson, NV)
said by Name Game:

Vista Team: Don't bend to public pressure.
You're missing my point. The idea of asking the user whether or not to continue (safe) or cancel (un-safe) is not going to do anything more than result in training users to instinctively click "continue". The majority of PC users have no idea if something is safe or not safe. He11, even if you presented them with information about what is going to get changed, they wouldn't know if it was good/bad, or safe/un-safe.
said by Name Game:

You're in a unique position to dictate the new terms of desktop computing, and finally force PC security to evolve.
When I have suggested this before, others here have argued that MS can't control the platform, because of 3rd-party developers. Good luck...