Sunday, February 16, 2014

Microsoft Windows 8.1 Legacy (x86) - UNSAFE FOR GENERAL USE

by Dietrich Schmitz

You are reading this wondering what that means. Google Engineers have, in earnest, attempted to bolster Chrome for Windows by placing it in their own crafted (Not Microsoft -- they don't have one) security sandbox.

Despite their best efforts, they have posted to their Chromium developer website that they cannot guarantee your security if you use Microsoft Windows.

Here is their disclaimer:

Other caveats

The operating system might have bugs. Of interest are bugs in the Windows API that allow the bypass of the regular security checks. If such a bug exists, malware will be able to bypass the sandbox restrictions and broker policy and possibly compromise the computer. Under Windows, there is no practical way to prevent code in the sandbox from calling a system service.

In addition, third party software, particularly anti-malware solutions, can create new attack vectors. The most troublesome are applications that inject dlls in order to enable some (usually unwanted) capability. These dlls will also get injected in the sandbox process. In the best case they will malfunction, and in the worst case can create backdoors to other processes or to the file system itself, enabling specially crafted malware to escape the sandbox.
That's quite troublesome when you think about it. Google Engineers post up a 'caveat' -- their legal disclaimer, if you will.

Simply put, Windows 8.1 legacy (x86) uses a legacy code base going all the way back to the Windows 2000 WinNT kernel.

Microsoft cannot fix the security issues which are under eternal attack unless they completely rewrite the operating system from the ground up. Enterprise is 'married' to the operating system with applications which must run 24x7. Microsoft cannot rewrite the code which is heavily depended upon. They have a dilemma and they really don't want you to know about it. They just keep diverting your attention to 'the attackers' away from themselves as though they have no responsibility.

This is the cost of using proprietary software. Unlike Open Source Linux, no one can see the code of Microsoft Windows, review it, inspect it for defects -- FOR MICROSOFT EMPLOYEE EYES ONLY.

This is the disadvantage that one accepts when agreeing to the Microsoft software licensing terms. Microsoft own the code -- the Licensee does not.

So, why not consider making a switch today to Gnu Public Licensed Linux and own the code? It's yours for free and it is so secure, I'll even say Fedora 20 Linux is the safest operating system on the Planet.

Fedora 20 Linux running LXDE

Be safe with Fedora Linux.

I stake my reputation on it.

-- Dietrich

Enhanced by Zemanta


Post a Comment