When running in kernel mode rather than user mode, security software has full access to a system's hardware and software, which makes it more powerful and flexible; this also means that a bad update like CrowdStrike's can cause a lot more problems.
Recent versions of macOS have deprecated third-party kernel extensions for exactly this reason, one explanation for why Macs weren't taken down by the CrowdStrike update. But past efforts by Microsoft to lock third-party security companies out of the Windows kernel—most recently in the Windows Vista era—have been met with pushback from European Commission regulators. That level of skepticism is warranted, given Microsoft's past (and continuing) record of using Windows' market position to push its own products and services. Any present-day attempt to restrict third-party vendors' access to the Windows kernel would be likely to draw similar scrutiny. //
For context, analytics company Parametrix Insurance estimated the cost of the outage to Fortune 500 companies somewhere in the realm of $5.4 billion.
The top ten reasons Eternal Damnation is better than Windows Software Development
Microsoft has open-sourced another bit of computing history this week: The company teamed up with IBM to release the source code of 1988's MS-DOS 4.00, a version better known for its unpopularity, bugginess, and convoluted development history than its utility as a computer operating system.
The MS-DOS 4.00 code is available on Microsoft's MS-DOS GitHub page along with versions 1.25 and 2.0, which Microsoft open-sourced in cooperation with the Computer History Museum back in 2014. All open-source versions of DOS have been released under the MIT License. //
The publicly released version of MS-DOS 4.00 is known less for its new features than for its high memory usage; the 4.00 release could consume as much as 92KB of RAM, way up from the roughly 56KB used by MS-DOS 3.31, and the 4.01 release reduced this to about 86KB. The later MS-DOS 5.0 and 6.0 releases maxed out at 72 or 73KB, and even IBM's PC DOS 2000 only wanted around 64KB.
These RAM numbers would be rounding errors on any modern computer, but in the days when RAM was pricey, systems maxed out at 640KB, and virtual memory wasn't a thing, such a huge jump in system requirements was a big deal. //
Microsoft has open-sourced some other legacy code over the years, including those older MS-DOS versions, Word for Windows 1.1a, 1983-era GW-BASIC, and the original Windows File Manager. While most of these have been released in their original forms without any updates or changes, the Windows File Manager is actually actively maintained. It was initially just changed enough to run natively on modern 64-bit and Arm PCs running Windows 10 and 11, but it's been updated with new fixes and features as recently as March 2024.
cybershow • April 3, 2024 5:23 PM
@ Nick Alcock
Hey Nick, I do appreciate the compliment, but you are too kind, I am not sure it is possible to ever be too paranoid in this business 🙂 In my tradition we call it radical scepticism.
...
Regardless then the perhaps ridiculous accusation of whether and how Microsoft caused this issue, the question of how could Microsoft benefit from it is a separate, good and worthy one I am pleased you ask.
The story of the backdoor so far is two-fold. It’s a technically great hack one has to admire, with undetectable RCE in the auth phase of the most used critical protocol. Hats-off!
But it’s also a story of sinister social engineering. A dark night. A lonely and isolated maintainer. Some well meaning visitors drop by “to help”…
What we’re left talking about is the very nature of open source development, of supply chains and trust models. Perhaps a long-overdue conversation, no?
But who have positioned themselves “to help”?
Who have replaced the entire pre-2010 ecosystem of individual and autonomous development with a single GitHub?
Who might we expect to soon come riding in on a white stallion with “solutions” to the vulnerability of FOSS supply chains? To protect the lonesome, unpaid, overworked and socially unskilled FOSS maintainer?
most respectfully. //
Winter • April 4, 2024 5:08 AM
@cybershow
Regardless then the perhaps ridiculous accusation of whether and how Microsoft caused this issue, the question of how could Microsoft benefit from it is a separate, good and worthy one I am pleased you ask.
Microsoft ships Linux as part of WSL. The targeted Linux distributions are the main deployments on Azure. Azure generated $45B of revenue (23%)[1]. That is more than Office or Windows. Azure is the biggest growth market for MS. AFAIK, MS have nothing to replace Linux available.
This means that anything that damages Linux will damage Azure and hence, MS’ bottom line. I find your “attribution” rather unrealistic.
[1] 2022 ‘https://www.kamilfranek.com/microsoft-revenue-breakdown/
Former Microsoft programmer Dave Plummer shared some history about one of those finely aged bits: the Format dialogue box, which is still used in fully updated Windows 11 installs to this day when you format a disk using Windows Explorer.
Plummer says he wrote the Format dialog in late 1994, when the team was busy porting the user interface from the consumer-focused Windows 95 (released in mid-1995) to the more-stable but more resource-intensive Windows NT (NT 4.0, released in mid-1996, was the first to use the 95-style UI).
Formatting disks "was just one of those areas where Windows NT was different enough from Windows 95 that we had to come up with some custom UI," wrote Plummer on X, formerly Twitter. Plummer didn't specify what those differences were, but even the early versions of Windows NT could already handle multiple filesystems like FAT and NTFS, whereas Windows 95 mostly used FAT16 for everything.
"I got out a piece of paper and wrote down all the options and choices you could make with respect to formatting a disk, like filesystem, label, cluster size, compression, encryption, and so on," Plummer continued. "Then I busted out [Visual] C++ 2.0 and used the Resource Editor to lay out a simple vertical stack of all the choices you had to make, in the approximate order you had to make. It wasn't elegant, but it would do until the elegant UI arrived. That was some 30 years ago, and the dialog is still my temporary one from that Thursday morning, so be careful about checking in 'temporary' solutions!"
The Windows NT version of the Format dialog is the one that survives today because the consumer and professional versions of Windows began using the NT codebase in the late '90s and early 2000s with the Windows 2000 and Windows XP releases. Plenty has changed since then, but system files like the kernel still have "Windows NT" labels in Windows 11.
Plummer also said the Format tool's 32GB limit for FAT volumes was an arbitrary decision he made that we're still living with among modern Windows versions—FAT32 drives formatted at the command line or using other tools max out between 2TB and 16TB, depending on sector size. It seems quaint, but PC ads from late 1994 advertise hard drives that are, at most, a few hundred megabytes in size, and 3.5-inch 1.44MB floppies and CD-ROM drives were about the best you could do for removable storage. From that vantage point, it would be hard to conceive of fingernail-sized disks that could give you 256GB of storage for $20. //
Red Zero Ars Praetorian
"Nothing is more permanent than a temporary solution." - Attribution Unknown. Having encountered this in the work environment many, many times, I know the truth of this. //
While the flexible security model employed by Windows NT-based systems allows full control over security and file permissions, managing permissions so that users have appropriate access to files, directories and Registry keys can be difficult. There's no built-in way to quickly view user accesses to a tree of directories or keys. AccessEnum gives you a full view of your file system and Registry security settings in seconds, making it the ideal tool for helping you find security holes and lock down permissions where necessary.
Musk's problem was that his laptop was automatically connecting to the local Wi-Fi, which doesn't have a password. If a user can install without connecting to the internet, it is still possible to get Windows 11 up and running without using a Microsoft account. //
On a sacrificial PC, we found that Windows 11 can indeed be installed without a Microsoft account. We used Shift + F10 to drop to a command line at the network connection page and entered OOBE\BYPASSNRO to force a reboot and make the "I don't have internet" option appear. To be fair to Musk, it is quite convoluted.
Running a personal Windows 11 device without a Microsoft account is not a great experience, however. Some elements of the operating system simply do not work, and Microsoft is clearly keen for customers to have an account. If that's not a path you wish to tread, there are plenty of alternatives to Windows 11 out there.
In the early days of microcomputers, everyone just invented their own user interfaces, until an Apple-influenced IBM standard brought about harmony. Then, sadly, the world forgot. In 1981, the IBM PC arrived and legitimized microcomputers as business tools, not just home playthings. The PC largely created the industry that the …
1/11/24 update added below.
Windows 10 users worldwide report problems installing Microsoft's January Patch Tuesday updates, getting 0x80070643 errors when attempting to install the KB5034441 security update for BitLocker.
Yesterday, as part of Microsoft's January 2024 Patch Tuesday, a security update (KB5034441) was released for CVE-2024-20666, a BitLocker encryption bypass that allows users to access encrypted data.
However, when attempting to install this update, Windows 10 users are reporting getting 0x80070643 errors and the installation failing. //
When installing the KB5034441 security update, Microsoft is installing a new version of the Windows Recovery Environment (WinRE) that fixes the BitLocker vulnerability.
Unfortunately, Windows 10 creates a recovery partition, usually around 500 MB, which is not large enough to support the new Windows RE image (winre.wim) file, causing the 0x80070643 error when attempting to install the update. //
Microsoft releases script to install fix
Microsoft has released PowerShell scripts that automate the installation of the BitLocker CVE-2024-20666 security patch to the Windows 10 Windows Recovery Environment (WinRE).
These scripts do not install the KB5034441 update but rather mount the WinRE partition, copy over the images from a dynamic update, and unmount the partition again.
The WinRE partition will now contain the latest files, including the BitLocker fix, effectively eliminating the need for the KB5034441 update on these machines.
Windows is live on Git
Over the past 3 months, we have largely completed the rollout of Git/GVFS to the Windows team at Microsoft.
As a refresher, the Windows code base is approximately 3.5M files and, when checked in to a Git repo, results in a repo of about 300GB. Further, the Windows team is about 4,000 engineers and the engineering system produces 1,760 daily “lab builds” across 440 branches in addition to thousands of pull request validation builds. All 3 of the dimensions (file count, repo size and activity), independently, provide daunting scaling challenges and taken together they make it unbelievably challenging to create a great experience. Before the move to Git, in Source Depot, it was spread across 40+ depots and we had a tool to manage operations that spanned them.