Does Vista need extra software for security?

Discussion in 'Windows Vista Security' started by Stan Kay, Jan 5, 2007.

  1. Stan Kay

    FireWall2 Guest

    Kerry,

    It’s becoming too obvious that you guys have a level of knowledge that far
    exceeds mine.

    After I separated your paragraph into sentences, I’m getting near
    comprehending your response, maybe.

    Kinda think you guys are on page three while I remain on page one.

    Yes, I’m going to research Vista’s Encryption for better comprehension.

    At this writing, do not understand how malware has the ability for self
    attaching to a file or folder with 256 cipher... apparently malware must have
    the ability for self-attaching to Vista's 256 Encrypted OS.

    Thank you for your very courteous and patient response.
     
    FireWall2, Jan 8, 2007
    #21
    1. Advertisements

  2. Read a couple of books about encryption. NO encryption algorithm is or can
    be made 100% secure. If you have enough processing power you can decrypt it
    with enough time. From what you have said it appears you have read several
    articles about security that we written by marketing types - full of lies
    and totally useless except for the salesperson's commissions.

    EFS is a good encryption algorithm, but being paranoid I wonder how good.
    When DES was first introduced the key size was reduced from 64 to 56 bits
    because some "No Such Agency" thought it was too strong, or so I have heard
    via rumors. Now, 56 bit DES is easy to break with dedicated hardware that
    can do tens of thousands of keys per second. When a user that has access to
    files encrypted by EFS is running any process can impersonate that person
    and access the protected files. Bitlocker is the same that when anyone or
    anything (TPM) has access to the drive, then all of the drive is open for an
    attacker. It only works if someone steals your computer and you have
    configured Bitlocker to require two factor security - the hardware TPM and a
    key/password/etc.

    The government works with the concept that secrets only need to be protected
    for some finite time. Where the D-Day invasion was to occur is not a useful
    secret any more. Crypto works the same in that all channels change keys
    frequently and the hardware is updated to implement new algorithms on a
    regular basis.
     
    David J. Craig, Jan 8, 2007
    #22
    1. Advertisements

  3. Stan Kay

    FireWall2 Guest

    David,

    At this moment, not certain what is fact and what is fiction (perhaps whom).

    Remain researching Vista's 256 Encryption algorithm.

    Located the below article with URL located at MS Tech Net authored by Tony
    Northrup: So, perhaps Tony Northrup is merely lying, but I don't think so.
    Likely, there are many folks within this Forum lacking knowledge regarding
    Vista's inherent Security. Tony's below article was written during 2005.
    Today, Vista has made enormus Security enhancements since the below article
    was Posted at Tech Net.

    http://technet.microsoft.com/en-us/windowsvista/aa905073.aspx#EUD

    Anti-Malware
    Feature Description
    User Account Control, discussed earlier on this page, and security
    improvements to Internet Explorer (including the new protected mode, which
    will be discussed later) can reduce the impact of malware on Windows Vista.
    In addition to these features, Windows Vista can clean many worms, viruses,
    rootkits and spyware, thereby ensuring the integrity of the operating system
    and the privacy of users' data. Windows Vista will also include Windows
    Defender, a technology that helps protect your computer against pop-ups, slow
    performance, and security threats caused by spyware and other unwanted
    software. It features Real-Time Protection, a monitoring system that
    recommends actions against spyware when it's detected, and a new streamlined
    interface that minimizes interruptions and helps you stay productive.
     
    FireWall2, Jan 8, 2007
    #23
  4. Stan Kay

    FireWall2 Guest

    Kerry,

    At this moment, not certain what is fact and what is fiction (perhaps whom).

    Remain researching Vista's 256 Encryption algorithm.

    Determined it best for consulting the engineers and designers for Vista's
    inherent Security.

    Located the below (small portion) article (with URL) located at MS Tech Net
    authored by Tony Northrup: So, perhaps Tony Northrup is merely lying, but I
    don't think so. Likely, there are many folks within this Forum lacking
    knowledge regarding Vista's inherent Security. Tony's below article was
    written during 2005. Today, Vista has made enormus Security enhancements
    since the below article was Posted at Tech Net.

    http://technet.microsoft.com/en-us/windowsvista/aa905073.aspx#EUD

    Anti-Malware
    Feature Description
    User Account Control, discussed earlier on this page, and security
    improvements to Internet Explorer (including the new protected mode, which
    will be discussed later) can reduce the impact of malware on Windows Vista.
    In addition to these features, Windows Vista can clean many worms, viruses,
    rootkits and spyware, thereby ensuring the integrity of the operating system
    and the privacy of users' data. Windows Vista will also include Windows
    Defender, a technology that helps protect your computer against pop-ups, slow
    performance, and security threats caused by spyware and other unwanted
    software. It features Real-Time Protection, a monitoring system that
    recommends actions against spyware when it's detected, and a new streamlined
    interface that minimizes interruptions and helps you stay productive.
     
    FireWall2, Jan 8, 2007
    #24
  5. Stan Kay

    FireWall2 Guest

    Paul,

    May I encourage you and others for reading the below article by Tony
    Northrup, from TechNet?

    At this moment, not certain what is fact and what is fiction (perhaps whom).

    Remain researching Vista's 256 Encryption algorithm.

    Determined it best for consulting the engineers and designers for Vista's
    inherent Security.

    Located the below article (with URL) located at MS Tech Net authored by Tony
    Northrup: So, perhaps Tony Northrup is merely lying, but I don't think so.
    Likely, there are many folks within this Forum lacking knowledge regarding
    Vista's inherent Security. Tony's below article was written during 2005.
    Today, Vista has made enormus Security enhancements since the below article
    was Posted at Tech Net.

    http://technet.microsoft.com/en-us/windowsvista/aa905073.aspx#EUD

    Anti-Malware
    Feature Description
    User Account Control, discussed earlier on this page, and security
    improvements to Internet Explorer (including the new protected mode, which
    will be discussed later) can reduce the impact of malware on Windows Vista.
    In addition to these features, Windows Vista can clean many worms, viruses,
    rootkits and spyware, thereby ensuring the integrity of the operating system
    and the privacy of users' data. Windows Vista will also include Windows
    Defender, a technology that helps protect your computer against pop-ups, slow
    performance, and security threats caused by spyware and other unwanted
    software. It features Real-Time Protection, a monitoring system that
    recommends actions against spyware when it's detected, and a new streamlined
    interface that minimizes interruptions and helps you stay productive.
     
    FireWall2, Jan 8, 2007
    #25
  6. Stan Kay

    Kerry Brown Guest

    Do you see encryption mentioned anywhere in the quote?

    --
    Kerry Brown
    Microsoft MVP - Shell/User
    http://www.vistahelp.ca


     
    Kerry Brown, Jan 8, 2007
    #26
  7. Stan Kay

    Kerry Brown Guest

    It's good that you question things. I'm sure with a bit of research you'll
    understand how encryption works and what it is used for.
     
    Kerry Brown, Jan 8, 2007
    #27
  8. Stan Kay

    Jeff Guest

    Firewall,
    The point is, simply, encryption protects the system from theft-from the
    article you yourself posted:

    "Theft or loss of corporate intellectual property is an increasing concern
    for organizations. Windows Vista has improved support for data protection at
    the document, file, directory, and machine level....The Encrypting File
    System, which provides user-based file and directory encryption, has been
    enhanced to allow storage of encryption keys on smart cards, providing
    better protection of encryption keys. In addition, the new BitLocker Drive
    Encryption enterprise feature adds machine-level data protection. On a
    computer with appropriate enabling hardware, BitLocker Drive Encryption
    provides full volume encryption of the system volume, including Windows
    system files and the hibernation file, which helps protect data from being
    compromised on a lost or stolen machine."

    Once you have logged on as a valid user, the o.s. is unlocked,the files,that
    the o.s. uses are unlocked,
    the files that you use are unlocked,
    for you,
    for applications,
    for services,
    for the internet,
    for everything that comes in contact with it.


    Jeff
     
    Jeff, Jan 8, 2007
    #28
  9. Stan Kay

    Paul Adare Guest

    in the microsoft.public.windows.vista.security news group, =?
    There is nothing in the above that refers to encryption at all.
    You're still not getting this.
     
    Paul Adare, Jan 8, 2007
    #29
  10. Stan Kay

    Paul Adare Guest

    in the microsoft.public.windows.vista.security news group, =?
    I have not once talked about compromising encryption. I've told
    you repeatedly that there is no need for viruses or malware to
    compromise either EFS or BDE encryption in order to infect your
    computer. You're the one that keeps harping on encryption and
    myself and Kerry have told you over and over again that there is
    no need for the virus or malware to compromise any encryption
    scheme to infect your computer.
    I'll say this one more time. If the virus or malware is running
    in your security context, EFS encryption is irrelevant as the
    process that is running has complete access to your decryption
    keys. As far as BDE goes, just the simple fact that the process
    is running, regardless of the security context, means that it
    has complete access. It will request that a file be opened to
    write to, and as long as the process has the correct NTFS
    permissions, the file system driver will decrypt the file and
    open it.

    For the last time, encryption, whether it be EFS or BDE DOES NOT
    PROTECT YOU AGAINST MALWARE OR VIRUSES. PERIOD.
     
    Paul Adare, Jan 8, 2007
    #30
  11. Stan Kay

    Paul Adare Guest

    in the microsoft.public.windows.vista.security news group, =?
    Absolutely nothing in that quote refers to encryption.
     
    Paul Adare, Jan 8, 2007
    #31
  12. Imagine that you are standing outside of a locked room.. extractors linked
    to the locking system ensure that the room is completely free of dust,
    insects etc by creating a vacuum in there, and as long as the room remains
    locked, it will stay that way.. unfortunately, you or anybody else don't get
    to use the room in it's totally clean state because it is locked..

    So, go get the key to the room, and unlock the door.. you now have access,
    but then so does everybody/everything else.. if you lock the door behind
    you, the extractors will do their stuff again, and you will be without air..
     
    Mike Hall - MS MVP Windows Shell/User, Jan 8, 2007
    #32
  13. Stan Kay

    Kerry Brown Guest

    This is misinformation and needs to be responded to. Google for blue pill
    exploit. It's true that uac will prompt you if you try to run the exploit.
    If you allow it, it will install and Vista will not self-remove it. I am
    sure other exploits will be developed as well. The notion that Vista will
    self-remove malware is wrong. Windows Defender a program in Vista can be
    used to remove spyware that it knows about but it is by no means all
    inclusive in the spyware it knows about.

    --
    Kerry Brown
    Microsoft MVP - Shell/User
    http://www.vistahelp.ca
     
    Kerry Brown, Jan 9, 2007
    #33
  14. Stan Kay

    Paul Adare Guest

    in the microsoft.public.windows.vista.security news group, =?
    I don't know how many more ways this can be said. Neither BDE
    nor EFS will do anything to protect you from either viruses or
    malware. Period.
    UAC has nothing at all to do with either EFS or BDE.
     
    Paul Adare, Jan 9, 2007
    #34
  15. Stan Kay

    Paul Adare Guest

    in the microsoft.public.windows.vista.security news group, =?
    You still don't get this. Neither EFS nor BDE will protect you
    from malware or viruses and UAC has nothing to do with either
    one of them. Just stop making wild claims about subject you know
    nothing about.
     
    Paul Adare, Jan 9, 2007
    #35
  16. Stan Kay

    Paul Adare Guest

    microsoft.public.windows.vista.security news group, Kerry Brown
    And none of this has anything to do with encryption, BDE, or
    EFS.
    Firewall2, you don't have a clue what you're talking about and
    you really need to learn more about these topics before you
    start making wild claims that you can't back up.
     
    Paul Adare, Jan 9, 2007
    #36
  17. Stan Kay

    FireWall2 Guest

    Kerry,

    Apologize for this additional message regarding the “dead horse†situation.
    But, my conscious bothers me from **intentionally** not sharing more of
    what I’ve learned in respect to BitLocker and EFS.

    The UAC does provide some important functions while *one* of the more
    important functions for Vista self-removing malware, virus, and other threats
    occurs during the Boot process. The full explanation for BitLockers entire
    process protecting the OS and EFS would require too much time and space.
    Simply, BitLocker is part of the System Integrity group in Windows Security.

    Been pondering your below, two previous statements; slowly it occurred to me
    that you are referencing the definition of **historic encryption**, not
    Vista’s state of the art 256 mechanism crypto algorithms, provided by
    BitLocker. The all-encompassing difference is equal with the difference
    between day and night !!!

    --Below your previous statement; yet not as bad as the current Post as MVP.--
    *“Many of us have answered your question already. You are missing an
    understanding of what encrypting files or a file system is designed to do.†*

    *“It's hard to put in simpler words than we've already done. Malware doesn't
    need to compromise the encryption.â€*

    Seriously, BitLocker is near nuclear or Rocket science!


    May I suggest for you inquiring for information from Microsoft’s BitLocker
    Team, the same folks that designed and developed BitLocker? Logic shouts,
    Microsoft’s BitLocker Team is the ultimate authority, not me.

    Respectfully,
     
    FireWall2, Jan 10, 2007
    #37
  18. Stan Kay

    FireWall2 Guest

    Paul,

    Apologize for this additional message regarding the “dead horse†situation.

    My conscious bothers me from **intentionally** not sharing more of what I’ve
    learned in respect to BitLocker and EFS (thought you might respond).

    The UAC does provide some important functions while *one* of the more
    important functions for Vista self-removing malware, virus, and other threats
    occurs during the Boot process. The full explanation for BitLockers entire
    process protecting the OS and EFS would require too much time and space.
    Simply, BitLocker is part of the System Integrity group in Windows Security.

    Been pondering your previous (now, current Post) statements; slowly it
    occurred to me that you guys are referencing the definition of **historic
    encryption**, not Vista’s state of the art 256 mechanism crypto algorithms,
    provided by BitLocker. The all-encompassing difference is equal with the
    difference between day and night !!! BitLocker that is, not Defender.

    Seriously, BitLocker is near nuclear or Rocket science, maybe beyond !!

    Since you are a MVP representing Microsoft, may I suggest for you inquiring
    for information from Microsoft’s BitLocker Team, the same folks that designed
    and developed BitLocker? Logic shouts, Microsoft’s BitLocker Team is the
    ultimate authority, not me.

    The bus has arrived, are you ready for an educational journey?

    Respectfully,
     
    FireWall2, Jan 10, 2007
    #38
  19. Stan Kay

    FireWall2 Guest

    Paul,

    Just read the last part of your current Post - -

    *** "Firewall2, you don't have a clue what you're talking about and you
    really need to learn more about these topics before you start making wild
    claims that you can't back up." ***

    Paul, the *** "wild claims" *** are made by Microsoft's BitLocker Team and
    Vista's Tech Support, NOT ME !!!

    My Back-up Support is Microsoft; Paul, what do you offer as back up support
    for your near hostile retorts.

    Is it possible that you missed the educational bus?

    As a MVP, your dogma and stubbornness greatly astonishes me.

    Respectfully,
     
    FireWall2, Jan 10, 2007
    #39
  20. Stan Kay

    Kerry Brown Guest

    I'm not going to respond any more. You need to do some more research.
    Bitlocker does not stop malware from installing and it doesn't remove it.
    You don't grasp the basic concepts involved with encryption and are jumping
    to conclusions that are wrong.

    --
    Kerry Brown
    Microsoft MVP - Shell/User
    http://www.vistahelp.ca
     
    Kerry Brown, Jan 10, 2007
    #40
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.