[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [Full-disclosure] windows future
From: Valdis.Kletnieks () vt ! edu
Date: 2009-08-31 15:26:27
Message-ID: 39770.1251732387 () turing-police ! cc ! vt ! edu
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Sun, 30 Aug 2009 01:09:55 BST, lsi said:
> The biological metaphor does suggest that Microsoft would take some
> kind of evasive action, and I think their only option is to license
> unix, just as Apple did (although Apple did it for different
> reasons). Doing this will solve many problems, they can keep their
> proprietary interface and their reputation, and possibly even their
> licensing and marketing models, while under the hood, unix saves the
> day.
Unlikely to work - there's just Too Damned Many legacy binaries that have all
sorts of dependencies on undocumented quirks of the Windows APIs. So you end
up needing to use a Wine-like shim to provide the API the binaries need - and
if the shim is good enough for the backward-combatable binaries, it's *also*
good enough for the malware to attack. If IE9 has a bug and some Javascript
scribbles something into the 'Documents' folder, that Javascript really doesn't
care if it's a Documents folder on a real Windows box, or one that's in a
directory being managed by a shim on a Unix/Linux box. All it cares about is
that it *behaves* like a Documents folder.
Hint: If a Windows user's home directory is on a remote file share, it
really doesn't care if it's a Genuine Windows(TM) or a Samba share, does it?
Heck, it doesn't even know/care if its domain controller is Windows or Samba.
All it cares is that the file share and the DC *act* like Windows.
And unfortunately, that's true for both legitimate binaries and malware.
[Attachment #5 (application/pgp-signature)]
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic