[Hidden-tech] Windows security (sic)

[David Mertz, Ph.D.]

On May 30, 2005, at 8:19 PM, Andy Klapper wrote:
> There are a couple of points that are not correct;
> 1) A process running in a Windows operating system of NT or newer 
> cannot
> access memory outside of it's own process space.

Nah, this is just wrong.  A great number of Windows services--including 
those with the most known vulnerabilities like IIS and IE--run with 
escalated permissions.  The user herself lives in protected memory 
space, but things like the web browser are given a "tunnel" into the 
kernel/admin... and all the mahem that results (predictably) from that.

Nothing nearly so foolish was ever done on any *nix systems (including 
not in OSX or Linux).

FWIW, I sometimes set up computer systems for non-experts.  I would 
never for an instant even CONSIDER setting them up on Windows systems.  
They break quickly, and that's much headache for me.  If they have 
existing x86 machines, I set them up on Linux and KDE.  If they can buy 
new hardware, I go with Apple/OSX.  Either way, it's a lot easier for 
end-users than having to wrestle with the idiocies of Windows.  No 
novice ever has difficulty working with a recent Linux system, once 
it's setup (and it's a lot easier to install/configure Linux than 
Windows.. though OSX wins over both).