Windows Vista was hacked last week at the annual Black Hat conference at Caesars Palace in Las Vegas. The conference brings together security researchers and vendors to discuss security vulnerabilities in IT products. Microsoft is one of the key sponsors of this event. At the conference, Microsoft managers and engineers presented six sessions on Vista and challenged attendees to take a crack at hacking into it.
Joanna Rutkowska, a researcher from Coseinc, a Singapore-based security firm, hacked into Vista to show that the operating system was vulnerable: she was able to bypass its security to run unsigned code.
Joanna created her own malicious code, called the "Blue Pill", which got past the security in Vista. The important thing to note, however, is that she performed this hack with super administrator privileges and not with a regular account. Whether Vista can be hacked with a regular account is still to be determined.
Microsoft was in a win-win situation at this conference. There were two possible outcomes. The first was that Vista could not be hacked, in which case Microsoft could have boasted that Vista was a high-security operating system. The second was that Windows would be hacked, which is what happened. In this case, Microsoft knows where the vulnerability lies and can get to work fixing the loophole. When all is said and done, Vista is the first Microsoft product that the company is sending through its "Security Development Lifecycle", which aims at getting rid of all security vulnerabilities before shipping.
At the end of the day, Microsoft is the ultimate winner. Vista was still unbreakable with a standard account. Microsoft discovered the vulnerabilities through Blue Pill. All the time and effort Microsoft spent releasing and reshaping Vista could prove worthwhile after all. Hats off to Microsoft for its focus on security and its pursuit in that direction.