TOM'S HARDWARE GUIDE > News > Solutions > Software > Hack Expert Says Windows 7 is Hard to Hack
Hack Expert Says Windows 7 is Hard to Hack
Next news
12:00 PM - March 2, 2010 by Kevin Parrish
X
Send link to this page by email :
Your email address *
Your name *
Recipient address *
Send
* The email addresses collected via this form are not recorded on our servers and are only used for the sending request
* Email |
* Print |
* Comments (44) |
* Share
Windows 7 is harder to hack than Apple's Snow Leopard--mainly due to Flash being installed by default on SL.
Zoom
Security expert Charlie Miller has participated in the Pwn2Own contest over the last two years, and has won both times. Held in the CansecWest Conference in Vancouver, British Columbia, Canada, the contest challenges contestants to find "big bugs" in web browsers, operating systems, and even in mobile devices. With the 2010 conference just around the corner (March 24), oneITsecurity conducted an interview with the champ and asked Miller which was harder to crack: Windows 7 or Snow Leopard?
"Windows 7 is slightly more difficult because it has full ASLR (address space layout randomization) and a smaller attack surface (for example, no Java or Flash by default)," he said. "Windows used to be much harder because it had full ASLR and DEP (data execution prevention). But recently, a talk at Black Hat DC showed how to get around these protections in a browser in Windows."
He also added that a safe browsing combination would be to use Chrome or Internet Explorer 8 on Windows 7, however he said that there isn't enough difference between the two browsers to "get worked up about." But he did emphasize that Flash not be installed no matter what browser or OS is used by the consumer.
The interview also covered exploits on game consoles. As the interviewer points out, the devices are in our living rooms, in our dens and offices, yet there are still few exploits and vulnerabilities discovered. Why aren't security researchers working on finding exploits on these devices? Because there are more PCs, and game consoles don't need to be connected to the Internet.
"I’ve had Wii for a year or so and its never been on the Internet," Miller said. "Its hard to remotely attack the box when you can’t get packets to it
Also, computers, and phones to a lesser extent, are designed to be customized, to download and use/render content from the Internet. This is where vulnerabilities exist and exploits are created. Game consoles don’t do this as much so the attack surface is much smaller. The final reason, is it is hard to do research on them. Its not easy to get a debugger running on an Xbox, for example."
To catch the full interview, head here.
Source : Tom's Hardware US
Related news
Patches Released for Critical Security Issues for Microsoft Windows
Trojan attacks via unpatched vulnerability in Word
Windows Vista security flaw uncovered
Hacker: Windows More Secure Than Mac OS X
Hacker uncovers Internet Explorer 7 phishing hole
* Previous
Leading Intel Executive Suffers Stroke
* Next
Windows 7 Tablet Gets CPU Upgrade, More
Topics being discussed on the forums
* i got spammed by bill gates!!!! [Old Man/Woman's Club]
* How to prevent malware from running on your PC [General Networking]
* Why a software firewall? [General Networking]
* Microsoft Phasing Out Win98 !? [Windows 95/98/ME]
* Is the MAC dead? [Audio]
See more topics
Questions? Ask Tom's community!
Talkback
Add your comment
Read the comments on the forums
* First
* Previous
* 2 / 2
* Next
* Last
Gin Fushicho 03/03/2010 1:42 AM
Hide
Insert quote. Report -1+
But...but... Flash is used almost everywhere! D=
TheDuke 03/03/2010 2:36 AM
Hide
Insert quote. Report -1+
maybe hackers will start making an effort on Macs to shut up all those Mac fanatics and their pseudo security
llemm 03/03/2010 2:57 AM
Hide
Insert quote. Report -0+
dogofwars :
Well Chrome use encapsulation and IE 8 do "some" kind of encapsulation.From my own experience I think Chrome is safer but it take a lot of memory.HTML5 I don't know if it will be more secure, will it be more related to the browser than 3rd party??
My Mother have one in her room.
idlerp 03/03/2010 5:49 AM
Hide
Insert quote. Report -0+
tomtompiper :
PS I have Flash on all my PC's and my chances of getting hacked are about as good as winning the lottery. Don't let these bogey men frighten you. If you take sensible precautions there is little to worry about.
Does your computer come with some type of magical protection that keeps you from being vulnerable to 0-day exploits? Don't know if you realize this or not but there are and have been viruses and worms that spread with absolutely no user interaction, the computer simply needs to be on, connected to the internet, and running vulnerable software.
And to the people talking about hacking consoles, he's not talking about running pirated games, he's talking about running arbitrary code from a remote location that either steals personal data, turns the console into a bot, or damages it. Much like the code that was intentionally bricking PSP's a few years back.
This magical protection is called Linux. I surf the web using it, I only switch to Windoze for games. As I said if you take reasonable precautions there is nothing to worry about. Dualbooting is easy, try a live CD first to check your system and find a distro to suit you then install. My Distro of choice at the moment is PCLinuxOS, great hardware detection and installs in 20 mins.
Facebook
Twitter
Instagram