Tag: attacker

Windows 7 Security Evolution

October 07, 2009 by Jason

Confronted with increasingly bulletproofed Windows operating systems, the threat environment shifted toward targeting vulnerabilities in the code designed to run on top of the platform. With security enhancements such as User Account Control, Address Space Layout Randomization, Kernel Patch Protection and driver signing, but also with the new development methodology set in place via the Microsoft Security Development Lifecycle, vulnerabilities in Windows Vista and its successor Windows 7 have become harder to exploit, in the eventuality that attackers do come across critical security holes.

The biggest advantage in terms of security Vista and Windows 7 have over precursor Windows clients is the Security Development Lifecycle. And with the threat environment changing focus onto third-party Windows applications, Microsoft is ready to share the SDL secrets with third-party developers. An illustrative example in this regard is the Microsoft Security Development Lifecycle (SDL): Developer Starter Kit.

“The Microsoft SDL – Developer Starter Kit offers content, labs, and training to help you establish a standardized approach to rolling out the Microsoft Security Development Lifecycle (SDL) in your organization—or enrich your existing development practices,” Microsoft revealed.
Read More»

Firefox Extension Boosts Browser Security

August 27, 2008 by Jason

The Carnegie-Mellon University (CMU) made available a Firefox extension developed at their School of Computer Science and College of Engineering that improves security in Firefox by protecting against man-in-the-middle attacks. The extension, named Perspectives, is available only for Firefox 3 and works on Windows, Linux (32-bit) and OS X (Intel), with support for Linux (64-bit) and Open Solaris being in the experimental stage of development.

A man-in-the-middle attack is performed by intercepting the traffic between a user and a resource that he is trying to access. This can be achieved by exploiting several vulnerabilities, like the latest DNS cache poisoning or GMail accounts hacking incidents show.

When accessing a server resource using secure protocols like SSL or SSH, a correct identification of the server is required. This is achieved through digitally signed certificates. Due to the fact that certificates issued by trusted authorities like VeriSign are expensive, it became common practice for small businesses and websites to use self-signed certificates. Read More»