October 25th, 2006
PatchGuard, the technology used by Microsoft to protect the Windows Vista 64-bit kernel from tampering is in the news more nowadays that Vista itself. Microsoft is still adamant t6hat PatchGuard is a vital technology that will make all of us (all of us using 64-bit Windows anyway) safer. It's the best thing since sliced bread. Even Jim Allchin, Co-President, Microsoft Platforms & Services Division says so (via Jeff Jones Security Blog).
We’re especially excited because we’re about to deliver the most secure and reliable operating system ever developed by Microsoft. Windows Vista will make it much easier for you to protect your PC from unwanted software such as viruses, worms, and spyware. Windows Vista will make it much easier for you to enjoy a safer online experience for yourself and your family.
What surprises me here is that there has been no mention of DRM and how PatchGuard will help Microsoft lock up content on your PC. It's odd how rarely Microsoft mentions DRM when it talks publicly about PatchGuard.
Matt Hines at eWeek covers how security software maker Authentium has managed to circumvent PatchGuard kernel protection.
The company, based in Palm Beach Gardens, Fla., maintains that it has built a version of its Authentium ESP Enterprise Platform that can bypass PatchGuard without setting off the desktop alarms produced by the security feature when the Vista kernel is compromised.
ESP Enterprise, an SDK (software development kit) sold by Authentium to telecommunications carriers and so-called managed services providers, offers virus protection, anti-spyware, data recovery, firewall and transaction security capabilities.
So much for PatchGuard being robust. Hackers will tear it to pieces.
Finally, Alex Eckelberry compares PatchGuard to the Maginot Line and tackles the issue of why security company Sophos has come out in favor of PatchGuard:
Yesterday, Sophos tapped into that angry mob user resentment in a brilliant PR move — after having drunk the Microsoft KoolAid from a fire hydrant, they openly embraced PatchGuard. In one fell swoop, they positioning themselves as Microsoft-friendly, happy-dancing, API-loving people. At the same time, they positioned the rest of the industry as a bunch of moronic crybabies. Beautiful.
Now, the Sophos folks are very smart both PR-wise and technically, and so one must give pause to consider their statements. However, I suggest we dig a little deeper.
This isn't going to go away any time soon!
This entry was posted on Wednesday, October 25th, 2006 at 14:49 and is filed under PC Doctor's Thoughts, PC Doctor's Useful Links, Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.