MSFT Security and UAC: Huge Client US State Dept Hacked

Discussion in 'Windows Vista General Discussion' started by Chad Harris, Aug 1, 2006.

  1. Chad Harris

    Chad Harris Guest

    What you won't find at MSFT Press Pass or in a Waggener Edstrom Press Release
    for MSFT:

    *(The New York Times is a Small Newspaper from a Small Rural Town Outside
    Seattle called New York City)*

    How UAC and MSFT Security Works on the Ground:
    http://www.nytimes.com/2006/07/12/w...357efafd741931&ex=1154577600&pagewanted=print

    From the Company who brought you 30 Security Blogs on MSDN and Technet and
    who brings you UAC.

    UAC Team Blog--Read posts from the archives--they are screenshot in detail;
    Scroll Down; Click on the Archives and previous recent dates.
    http://blogs.msdn.com/uac/

    I have seen no blogging on MSFT's huge client the US Government's State
    Department being hacked on any of many security blogs I ck out on MSDN and
    Technet's sites.



    July 12, 2006
    Computer Hackers Attack State Dept.
    By THE ASSOCIATED PRESS
    WASHINGTON, July 11 — The State Department is recovering from large-scale
    computer break-ins worldwide over the past several weeks that appeared to be
    directed at its headquarters and at offices dealing with Asia.

    Investigators believe hackers stole sensitive information and passwords, and
    implanted “back doors” in unclassified computers to allow them to return,
    said officials familiar with the hacking. They spoke on condition of
    anonymity because of the delicacy of the intrusions and the resulting
    investigation.

    The break-ins and the department’s response severely limited Internet access
    at many locations, including some headquarters offices in Washington, the
    officials said. Nearly all Internet connections have been restored since the
    break-ins were recognized in mid-June.

    Asked what information was stolen, a department spokesman, Kurtis Cooper,
    said, “Because the investigation is continuing, I don’t think we even know.”

    Employees said the hackers appeared to hit computers especially hard at the
    Bureau of East Asian and Pacific Affairs.
     
    Chad Harris, Aug 1, 2006
    #1

  2. Chad Harris

    Intel Inside Guest

    That security infringement is so serious they should upgrade to Linux.
     
    Intel Inside, Aug 1, 2006
    #2

  3. Chad Harris

    Kerry Brown Guest

    It's interesting but hardly on topic for a Vista newsgroup. It is more
    suited to microsoft.public.security.
     
    Kerry Brown, Aug 1, 2006
    #3
  4. Chad Harris

    Dongle Guest

    What's the connection between that article and UAC in Windows Vista Home
    Edition? Surely the State Department isn't built around computers using
    Windows Vista Home Edition. In fact, the article doesn't mention any
    platform.
     
    Dongle, Aug 1, 2006
    #4
  5. Chad Harris

    Chad Harris Guest

    Ordinarily I'd agree but I also have been reading about 20 MSFT Security
    blogs per week on MSDN and Technet blog sites Kerry and they are nearly
    totally focused on security in VaVaVista from Vistasoft and they are
    blogging on, you guessed it, UAC.

    And given that MSFT opened a 58 million dollar facility right after 911 in
    the D.C. area to take advantage of the post 911 so-called need for security
    (yet 5 years later there is no significant congressional oversight for
    security, border control, or substantive measures that would make the US a
    bit more secure) and clients like the top agencies in the government have
    MSFT personnel there nearly all the literal time, I hold MSFT in part
    responsible for any huge security breach.

    I see enough security presentations at TS2, MSDN, and Technet to know that
    it's being showcased by the Softies.

    Combined with the reality of major government agencies that are huge if not
    the largest MSFT clients being hacked continually, and MSFT's blogging out
    of one month that they are going to be totally transparent with you and
    meeting secretly behind closed doors with the U.S. DOJ about turning over
    customer information and searches after withholding that they turned over
    partial info for 9 months last year, I thought it was relevant but no one is
    forced to read a newsgroup. Most of my friends or even well dressed
    successful appearing people on the street have no idea what I'm talking
    about when I say "newsgroup", "registry", "UAC", RC1, volume shadow service,
    and on and on.

    I have also read the literature in the mailings MSFT makes to governments
    and the claims for enhanced security. Not enhanced enough.

    CH
     
    Chad Harris, Aug 1, 2006
    #5
  6. Chad Harris

    Kerry Brown Guest

    Again, I agree it's interesting stuff but it would be more appropriate in a
    newsgroup about security. There are some good discussions about this
    kind of stuff in microsoft.public.security.
     
    Kerry Brown, Aug 1, 2006
    #6
  7. Chad Harris

    Chad Harris Guest

    Actually, whatever any government agency uses is built around much of what
    is in Vista in a home. And from what I'm seeing this year, a lot of homes I
    know do a better job of security than a panoply of agencies that have been
    ridiculously breached by bozo head moves on the part of their personnel and
    policies not stringently in place from their big vendor MSFT.

    I don't know that Vista Home Basic or Premium edition will be the edition
    of choice in homes any more than most people in homes use Windows XP Home,
    particularly since many companies I know who do extensive business with MSFT
    and advise in deploying MSFT have full time telecommuting, Accenture being
    one.

    I also think it's relevant to be concerned about the contrast between MSFT's
    marketing and blogging promotion of bit locker and enhanced security in UAC
    and their cooperation with the government in turning over your personal
    information and searches. I think it's relevant to be concerned about WGA
    which is quintessential spyware, from a company who is showcasing and
    marketing an app called Windows Defender which ships in Vista, and is also
    necessary to make the cutesy little Win One Care Live icon "green" should
    you use that software--and I strongly recommend WOC.

    I think you will see advertising that stresses features in any Vista that
    are the same in any agency or business. I would suspect that government
    agencies have many many types of servers with substantial "security."

    I also remember the Mark Minasi talk on how one day one of the highest
    officials at an Ohio Nuclear facility took his laptop home one weekend to
    play games with his grandson, and took it out of a security perimeter with
    no protection--and was hacked promptly within a half hour after he breached
    security. Fortunately, the nuclear reactors were off line while this was
    discovered and corrected.

    I also can count more breaches of massive data including the most important
    items of personal ID by numerous US agencies with regards to the Armed
    Forces in the last 6 months than I have fingers on two hands.

    I could easily list them but some of them involve over a million individuals
    with raw data placed on media--CDs or DVDs since I don't see the government
    as an early adopter of more advanced media (holograms, perpendicular
    technology, etc.)

    The article doesn't mention any platform because the newspaper has been
    threatened daily by the US Government who is outraged it reports their
    illegal wiretapping behavior that outrages many of us. Most articles in
    this vein are ridiculously vague.

    I can show you documents from MSFT though, that boast clients that are among
    the largest US government agencies as well as enterprises that are
    intimately involved in government security.

    Psst--almost all of them are using predominantly Windows boxes and servers,
    although Linux may be soon making inroads.

    I'm willing to bet ole CALEA is implemented on Windoz boxes and soon by
    Vista boxes. The softies have a slide that says 400 million Windoz (OEM
    preinstalled) boxes in 24 months. The "Vista opportunity."

    http://www.calea.org/

    http://www.askcalea.net/

    CALEA is the friendly agency that wants to tap your phone and your computer.
    And they want MSFT and other companies to help them.

    http://www.nytimes.com/2006/06/10/t...adc6aafd625349&ei=5088&partner=rssnyt&emc=rss

    June 10, 2006
    Ruling Backs Internet-Phone Wiretapping
    By BLOOMBERG NEWS
    WASHINGTON, June 9 (Bloomberg News) — Comcast, Vonage and other companies
    that provide telecommunications services over the Internet must allow
    wiretapping of phone calls by law enforcement officials, a federal appeals
    court ruled Friday.

    In a 2-to-1 decision, the Court of Appeals for the District of Columbia
    Circuit upheld a Federal Communications Commission directive treating such
    companies the same as conventional phone companies for law enforcement
    purposes. Comcast and other cable companies offer Internet service over
    their networks, and Vonage is the biggest provider of Web-based phone
    service.

    Under the Communications Assistance for Law Enforcement Act, known as Calea,
    phone companies must ensure that their networks are accessible to
    authorities for wiretapping.

    The American Council on Education, an association of 1,800 universities and
    degree-granting institutions, challenged the commission's decision,
    contending that providers of Web information services should be excluded
    from the act. But the court ruled that the F.C.C. was correct in extending
    the act to the Internet.

    CH
     
    Chad Harris, Aug 1, 2006
    #7
  8. Chad Harris

    Dongle Guest

    Interesting. So why doesn't Microsoft just follow Open Source's lead and do
    security like Linux does? Do you think it's because MS can't find any
    competent people for that sort of thing?
     
    Dongle, Aug 1, 2006
    #8
  9. Chad Harris

    Dongle Guest

    Too bad we can't have a betting pool as to the number of days between
    product release and the first security breach. You know every blackhat and
    script kiddie out there has had this beta since day 1 and is fighting to get
    the first zero-day exploit.
     
    Dongle, Aug 1, 2006
    #9
  10. Who says we can't?

     
    Mark D. VandenBerg, Aug 1, 2006
    #10
  11. Chad Harris

    firth Guest

    And this is why you shouldn't turn off UAC... (yes, I know this article has
    absolutely nothing to do with Vista or UAC)

    However, I would find it really funny if they told us that it was Linux that
    was installed on the computers that were hacked.
     
    firth, Aug 1, 2006
    #11
  12. Chad Harris

    display name Guest

    Hah! Someone needs to put it on a Web site so it doesn't get lost in all
    these posts.

    Chad, the subject line of your post (and the post in general) is a little
    perplexing. Wouldn't those hackers need to get through a whole lot of security
    that has nothing to do with Microsoft or UAC in order to achieve that
    breach? A DMZ, hardware firewalls, intrusion detection and such? You’re
    saying all these agencies just hang their servers right on the Internet and
    rely wholly on some former version of Microsoft UAC for security? Hard to
    swallow that one.

    How do you know they didn't intrude through Unix or Linux? It wouldn't be
    the first time. Why do people who love Linux and hate Microsoft so much hang
    out in newsgroups like this? To enlighten us poor clueless dopes?
     
    display name, Aug 1, 2006
    #12
  13. Chad Harris

    Chad Harris Guest

    I think that most of us almost to a person would find if you spent time at
    MSFT that they have one of the most abundant supplies of competent bright
    imaginative people in a company of that size on the planet. They are full
    of over the top talent. It's reflected in their blogs.

    But I also believe that they are consummately arrogant as a rule, and regard
    most of their customers as the penultimate quintessential dumbass.

    This is reflected in the way they handle information, transparency, and
    treat people in regards to feedback.

    CH
     
    Chad Harris, Aug 1, 2006
    #13
  14. Chad, thanks for keeping us up to date on this stuff. There is nothing sexy
    about security and your effort is appreciated.
     
    Colin Barnhorst, Aug 1, 2006
    #14
  15. Chad Harris

    Chad Harris Guest

    I find security often difficult and not sexy either, but important. I
    don't mind admitting that I have had to read Ed Bott's excellent chapters
    and one in particular in his XP Inside Out on the security tab, and I can
    use these permissions to the extent to control folders, and have had to read
    and reread some of the KBs (some of them are easy enough like the special
    permissions KB) but **parent, child, objects is very tough terminology for
    me** and I can read a lot of highly science as a reflex--but this stuff
    takes some shifting gears--for me.

    I can understand how the security teams/enthusiasts/evangelists get into
    this deeply--I think for them it's like building a very dynamic fortress,
    but it's hard reading sometimes and not the most interesting part of the OS
    for me.

    Good Security Blog from MSFT Steve Riley's
    http://blogs.technet.com/steriley/

    I've spent a lot of time playing with the security tabs and running around
    in circles some of the time and in Vista trying to run UAC without
    modifying it, or running with much reduced privileges, and I feel the
    same way at times I felt when we used to go into the Hall of Mirrors at some
    carnival. I was trying to drag some of the music from my XP boot to my
    Vista boot when it wouldn't import to the Vista library (maybe now that I
    have WMP11 on XP it will be easier) and it was comical the way I had to go
    to security tab layer after layer after security tab to get one lousy cut
    onto Vista. I have not been able to overcome reading XP "My Documents" from
    Vista no matter what I do, and I have seen some very elegant probably
    correct explanations as to why I never will be able to do this.

    I look forward to Bott's Vista book--the longer Vista takes to RTM, the more
    time Ed has to make it better.

    Ed Bott's Blog (Fun and Informative on the Road to Vista RTM).

    http://www.edbott.com/weblog/

    The links to articles on wiretapping, etc. etc. are to an extent off topic,
    and some people may feel some political agenda, but I see them as necessary
    to understand today because I do believe they impact privacy and security
    and I see privacy and security on a computer as overlapping with no bright
    yellow line between them.

    What bothers me the most is the more I understand how the governmental
    intrusions are playing out, the more egregious they are, and the less there
    seems to be anything you can do about them. This government is about
    intimidation, and totalitarian dictatorship more than ever before and you
    better believe it trumps any security MSFT is going to try to sell.

    C-Span is full of some of the best and brightest lawyers in the US giving
    seminars on privacy and computer security and its nexus.

    Lawrence Lessig--then at Harvard--and now a law professor at Stanford
    http://cyber.law.harvard.edu/lessigbio.html

    has done a lot of work in this area. Lessig was instrumental in getting the
    Supreme Court's computer system modernized when he clerked for Scalia. He
    was also appointed Special Master in the MSFT Anti-trust case, which angered
    MSFT and caused them to demand his withdrawal which did not happen until
    they won in the DC Circuit appeal and he was removed from the case. MSFT
    later prevailed in that case in the appeal to the DC Circuit and its
    sweetheart deal from the Bush administration's version of 'DOJ.'

    CH
     
    Chad Harris, Aug 1, 2006
    #15
  16. Chad Harris

    Chad Harris Guest

    A lot of them will come as in XP via IE. I think UAC is very much aimed at
    people trying to use Trojans and blended threats to gain access to areas in
    your system, and walling them off much like a bank or some place that stores
    critical intelligence.

    CH
     
    Chad Harris, Aug 1, 2006
    #16
  17. Chad Harris

    Chad Harris Guest

    I think it's possible to find out more detail about what platforms they were
    using, and Linux is probably being used to an extent along with MSFT servers
    because as is often the case, a lot of the Sys Admins are Linux enthusiasts
    and Windows enthusiasts.

    CH
     
    Chad Harris, Aug 1, 2006
    #17
  18. Chad Harris

    Chad Harris Guest

    No --I didn't mean to leave that impression, and I have no idea that they
    have Vista deployed and probably they have some machines but not the
    majority. I have no idea how TAP works with the government and this
    administration is so secretive and runs with a completely do nothing about
    oversight Congress that the only time you get any real information out of
    them is when the American Idol finalists visit the West Wing or Bush
    supervises T Ball while the Middle East is blowing up. And people whose
    time is divided between the nationally important saga of Mel Gibson's DUI
    and playing Where's Waldo with Castro's GI bleed.

    I meant that when a government agency installs their systems, MSFT has a
    huge presence and a major hack to that extent shouldn't have taken place and
    MSFT has to bear some responsibility because their server systems tout
    security in a major way.

    CH
     
    Chad Harris, Aug 1, 2006
    #18
  19. Chad Harris

    Kerry Brown Guest

    I feel the same way at times I felt when we used to go into the Hall
    I found the best way to work with the music library is to tell it to monitor
    the folder on my XP machine where the music resides. When I tried to import
    the music I had problems. I store all my music in one folder on my XP
    machine. All my other machines are set to monitor that folder. It works now
    for all of them with a mix of WMP10 and 11 on various machines. I have had
    problems importing a large library on all versions of WMP.
     
    Kerry Brown, Aug 1, 2006
    #19
  20. You have to be an OS enthusiast to even want to be a Systems Administrator.
     
    Colin Barnhorst, Aug 1, 2006
    #20