In all the fuss about the Start screen, it's easy to miss that Windows 8 had major improvements to security; that was the culmination of ten years of work on defending the operating system, senior product manager Chris Hallum told us.
"Windows 7 is six times more likely to get infected than Windows 8 and Windows XP is 21 times more likely to be exploited."
But that was still all defensive reactions; for Windows 8.1, he said, Microsoft is going on the offensive with better malware protection, new ways of checking the security certificates web sites rely on - and with a plan to add encryption and biometric security to every PC.
The built-in anti-malware tool Defender will protect against more threats in the browser, including from plugins and ActiveX controls. "In Windows 8.1 we will scan those payloads before they're executed," Hallum told us.
Microsoft will also be more active about protecting the browser against stolen certificates; because the browser trusts those certificates to identify popular web sites that you log into, hackers have started targeting them (and the authorities who issue them) as a way to break into your rtls.
"Public certificates have already been hacked," Hallum points out; in a number of cases certificates for well-known companies like Yahoo and Google have been compromised and used on fake web sites to steal credentials."
For Windows 8.1, Microsoft will operate a service tracking certificates for the top million web sites. "If we see a certificate being used fraudulently or showing up on a server where it shouldn't be, we will work with the certificate authorities," Hallum said, noting that this will protect other versions of Windows and indeed other platforms too.
With Windows 8.1, encryption isn't just for business users any more, although Microsoft is improving BitLocker performance for business systems (up to 30 times faster than in Windows 8, Hallum claims). "We need it not just to protect your data but also the system itself; we don't want people to be able to tamper with Windows system files," he explained.
That's why all versions of Windows will now include encryption; BitLocker in the business editions and the same device encryption that's already in Windows RT and Windows Phone 8 in the home editions. "We expect encryption to be pervasive," he predicted.
There are some hardware restrictions on this; you need a PC that is capable of Connected Standby with Windows 8 or 8.1. That means the PC has a UEFI BIOS and either a separate Trusted Platform Module (TPM), ARM's Trusted Zone or Intel's Platform Trust Technology for storing information securely.
It also means there is are no Direct Memory Access connections, which includes both FireWire and the Thunderbolt technology Intel developed with Apple; Hallum says Microsoft is talking to Intel about ways of making Thunderbolt more secure but DMA connections can transfer code directly into memory, bypassing system security.
Microsoft will also use the information about the PC stored in the TPM to 'harden' Windows with a cloud service that's provisionally called Provable PC Health (expect the name to change, Hallow says). This will use the record of secure boot stored in the TPM to verify that your PC isn't infected. "We can remotely analyse the security state of the device and the integrity of the device." Hallum says, claiming that this will detect even sophisticated malware like Flame.
"We will inform the user if there is a problem and if there is an infection Windows can put them back in a safe state. If there is an infection that can steal their credentials we will inform them, and we will help them remediate their Microsoft account."
Once you can store information securely and prove that your PC doesn't have a rootkit or a virus that could compromise that, you can use your PC as a way to authenticate that's more secure than a password.
"Passwords are increasingly problematic," Hallum points out; "people can have them phished or they can be guessed." Windows 8 can already use the TPM as a virtual smartcard but that's not truly two-factor authentication. You need something else to prove your identity and that will be your fingerprint.
Today's fingerprint sensors are big, clumsy (you have to swipe your finger across them carefully) and easy to fool with a fake finger. More powerful sensors can tell the difference between a real finger and a fake – they can tell if your finger has a pulse – and they can detect prints from four fingers at once, but those sensors currently cost $100 or more.
No comments:
Post a Comment