Vista Hackers Get Busy

An anonymous reader writes "Microsoft's long-awaited Windows Vista release Thursday for business customers will get more than just the passing attention of network administrators. That's because hackers will be eagerly waiting to do what hackers do best: start some mischief." Some folks on the Black Hat set got a sneak peek at Vista earlier this year, so they've had time to prepare.

The most retarded story ever?

[Anonymous Coward]

Because crackers were obviously waiting until Vista was available in stores.

Hack WGA First

[Mateo_LeFou]

Make it better. The less piracy of windows there is in the world, the more people will get into free alternatives

Always a game

[nawcom]

Microsoft software will always be a puzzle game to hackers and such; closed, hidden, and exciting to find.

Re:The most retarded story ever?

[Anonymous Coward]

Well, yes. I'm sure all the crackers have gotten their grubby little mitts on the thing already, but the general populate hasn't. What good is being able to break into Vista already, when no one is using it yet. Once the use of the OS starts to grow after it is released, there will be an abundance of targets. Not so, right now.

vista?

[Anonymous Coward]

I'll just wait for that new linux version to come.. you'll be hearing from me, don't worry.

real hackers hack linux

Re:The most retarded story ever?

[StikyPad]

No, they were waiting for legitimate customers to install it so they could try out their hacks in the real world. See sig.

Outcome is Predetermined

[mpapet]

1. Windows will always have "enough" security for most users. There's no incentive for them to do any better because they own the market already. Therefore, end-user security is not important.
2. The target is too big and the OS too poorly designed for running a reasonably safe desktop.
3. The outlook for system administration is good because there will be plenty of work.

What's sad is the Wikipedia page that compares Vista to XP conveniently studiously avoids the fact that Microsoft and the media corporations now control essential parts of your computer. http://en.wikipedia.org/wiki/Features_new_to_Windo ws_Vista [wikipedia.org]

I give the first verified Vista exploit 90 days from the day they ship to consumers. What's your bet?

Sneak Peeks

[RAMMS+EIN]

``Some folks on the Black Hat set got a sneak peek at Vista earlier this year''

It seems to me pretty much everyone got a sneak peek at Vista earlier this year.

Re:Helping Hacker Culture Grow

[GaryPatterson]

While I sympathise to some extent, you're fighting a lost battle. In fact, it's pretty much the same one that people who bemoan that the word "gay" no longer means happy lost years ago.

To 99.9999% of the world, Hacker == Cracker == bad person

Re:Hack WGA First

[WoLpH]

It all depends on your definition of "fun". You can play a lot of games with ease, kde alone features games like Fleur II, Bricks, Raeumen, Neuner, Spooky Shooter, Sheep, Megami and a lot more. Those games are considered "fun" so what is your point really?
Exactly, Linux isn't bad, it's just not what _you_ want.

For me it's the exact opposite, every time I work on a Windows machine I just feel restricted, I can't move around as fast, everything takes more time to do... So is Linux now better then Windows? No it isn't, it's different, it is superior at some points, it's inferior at some other points. Neither is perfect, just keep in mind that the world doesn't revolve around you, your opinion is just one of billions ;)

Re:Helping Hacker Culture Grow

[ampathee]

Personally, I say 'geek' - I think it sounds cooler than 'nerd'.

Re:The most retarded story ever?

[Monchanger]

You can't get a Slashdot story written about you (albeit anonymously) by being the second confirmed crack.

That, and the adoption is still low due to there not being an available cracked version...

Re:Helping Hacker Culture Grow

[ConceptJunkie]

Get over it. That battle was lost a decade ago. Nobody cares anymore.

Or are you one of those folks who still gets into System V/Berkeley flame war...

Re:The most retarded story ever?

[Jahz]

Well, yes. I'm sure all the crackers have gotten their grubby little mitts on the thing already, but the general populate hasn't. What good is being able to break into Vista already, when no one is using it yet. Once the use of the OS starts to grow after it is released, there will be an abundance of targets. Not so, right now.

Targets? Are you under the impression that the only reason to exploit a machine is to form a bot net? Additionally, have you considered that an exploit written/discovered during beta can, in most cases, be SAVED until release? It's not like the evil hackers are reporting their hacks to Microsoft for QA purposes.

*sigh*

Re:Helping Hacker Culture Grow

[Dunbal]

don't say or write hacker when you mean cracker

      No. That's the thing really. With the DMCA, both of them are criminals now anyway...

Re:The most retarded story ever?

[Danse]

And what do you suppose the adoption rate of Vista within the next few months will be? I'm betting 0%, give or take. Hackers would be better off going after OS/2.

With OEMs installing it on new boxes, I'm betting the sales pick up fairly quickly. I sure won't be one of them, but I know plenty of people who wouldn't think twice about getting the latest OS on their new PC.

You reinforce my point

[SuperKendall]

I take it, from your tone, that you're implying that the lack of attacks against Mac OS has nothing to do with its small marketshare.

How perceptive!

Interesting that you post this one day after Apple patched 31 security holes

And then you falter.

Not all security holes are created equal you know; Some security holes are harder to exploit than others. You can never remove all security holes so you approach security using a tactic called "defense in depth" which builds a layered approach to security, such that even if you have a weakness at some level either the levels above will prevent access for an exploit, or an exploit can only get so far. So Apple fixing 31 security holes means only that they are indeed vigilant about patching security problems.

Still virus and malware free, even with these 31 exploits it would seem....

And there were three months earlier this year when Apple patched 40+, 20+, and 20+ security holes

Yes, and three months earlier we also had no malware or viruses.

So the holes are there aplenty, but they're not being exploited for some reason.

(a) you obviously had no idea what the holes were in, and (b) as I said you can never remove all holes - only a fool would imagine that to be possible.

To help you reach a deeper understanding of the situation, consider this - some of those "holes aplenty" were in the OS X SSH server. yet by default OS X does not have SSH enabled. So, realistically, a hole in that system means nothing for a virus writer, because they cannot count of enough people to be running SSH to make that an exploit they can reach. That is but one example.

If small marketshare isn't the reason that those holes haven't been exploited, then what is the reason? Why don't you suggest a reason?

I have - defense in depth. It's too difficult currently to reach the exploits that are open, or to do anything of use when you reach them. Furthermore a good deep defense also means that if an exploit should infect a computer, it's far easier to remove the malicious code - whcih lesses the desire to write an exploit because its lifespan will not be as great.

Let's turn your whole argument around. Apache is a popular web server, far more popular than any other. Yet it too has a distinct lack of sucessful exploits against it compared with other servers. Since marketshare does not seem to tell us anything about the likleyhood of successful attacks, some other force is at work - and that is a better overall security model.

Maybe it isn't small marketshare, but it certainly isn't that the holes aren't there (like Mac fanboys like to suggest).

Mac "fanboys" rarely suggest there are no holes, just that OS X has better security by default which reduces the impact and effect of the holes that will ALWAYS be there. Only "Windows Bitches" distort that argument to claim otherwise. Say, didn't you jus make that mistake?

Re:The most retarded story ever?

[cnettel]

Does that include the 180 day (or whatever it is) timebomb?

Re:The hack I'm waiting to see

[nickos]

I don't think it does FOSS's image any good for Linux to be associated with virus writers.

An aside - it's interesting how most successful modern viruses aren't really as harmful as they could be on the machines they infect. Sure they often zombify the machine, but to the uneduacted user this just means the machine runs a little slower than before. If a virus were to successfully infect many machines and then format all of their harddrives on a designated day a couple of months later I think there would be a lot of pissed off users looking to change OS...

Re:Hack WGA First

[dave420]

And I feel the same way when working in Windows than Linux - as you say, it's all down to the individual. That's why any fanboy asshat trying to convert people to any other camp just serves to piss them off - people will change when they want to - not before.

Re:The most retarded story ever?

[Orange Crush]

does this mean XP will become safer?

About as safe as Win98 is today. XP will still be the most common desktop OS for years to come. Average users don't upgrade OSes. Heck, they don't even patch them. XP was released in 2001, yet three years later Windows 98 still accounted for more than a quarter [wikipedia.org] of Google page views.

Also, Vista's (theoretically) harder to pirate than XP was and I'd wager that a large part of XPs early adoption was via corp .iso's.