Results 1 to 14 of 14
  1. #1
    5 Star Lounger petesmst's Avatar
    Join Date
    Dec 2009
    Location
    Cape Town, South Africa
    Posts
    790
    Thanks
    38
    Thanked 43 Times in 33 Posts

    New Super-Secure Version of Microsoft Windows?

    Some extracts from an interesting article:

    ..."Dudu Mimran is the co-founder of an Israeli security startup called Morphisec that is creating a super-secure version of Microsoft Windows like "Microsoft should be doing" he tells Business Insider."

    ..."The Windows OS project was born inside the BGU research center as a way to create a 100% unhackable operating system for military applications like missiles and airlines."

    ..."In techno-speak, Morphisec has created a version of Windows that "randomizes all the memory" for specific Windows applications, Mimran describes. By making computer memory a moving target, a hacker can't mess with it, and therefore can't cause damage to the rest of the computer or the data. Among beta users so far, Morphisec says it has a promising 100% success rate in stopping hackers without crying wolf with a bunch of "false positives." False positives are incidents incorrectly labelled as hack attacks."

    Read more here:

    http://uk.businessinsider.com/expert...windows-2015-8
    (My Setup: Custom built: 4.00GHz Intel Core i7-6700K CPU; MSI Z170A Gaming Carbon Motherboard (Military Class III); Win 10 Pro (64 bit)-(UEFI-booted); 16GB RAM; 512GB SAMSUNG SD850 PRO SSD; 120GB SAMSUNG 840 SSD; Seagate 2TB Barracuda SATA6G HDD; 2 X GeForceGTX 1070 8GB Graphics Card (SLI); Office 2013 Prof (32-bit); MS Project 2013 (32-bit); Acronis TI 2017 Premium, Norton Internet Security, VMWare Workstation12 Pro). WD My Book 3 1TB USB External Backup Drive). Samsung 24" Curved HD Monitor.

  2. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,186
    Thanks
    47
    Thanked 983 Times in 913 Posts
    What will MS want in license fees?
    Who wants to jump through the export controls for that one?

    cheers, Paul

  3. #3
    Bronze Lounger DrWho's Avatar
    Join Date
    Dec 2009
    Location
    Central Florida
    Posts
    1,501
    Thanks
    30
    Thanked 205 Times in 163 Posts
    And yet, MS releases Windows 10....the OS to end all OS's and it's got more security holes than one could count.

    Go figure!

    Experience is truly the best teacher.

    Backup! Backup! Backup! GHOST Rocks!

  4. #4
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,748
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by DrWho View Post
    And yet, MS releases Windows 10....the OS to end all OS's and it's got more security holes than one could count.
    Like what? As it's too many for you to count, just give me one or two.

  5. #5
    4 Star Lounger
    Join Date
    Jan 2010
    Location
    Fort McMurray, Alberta, Canada
    Posts
    561
    Thanks
    51
    Thanked 68 Times in 66 Posts
    The interwebs are skeptical of this company and their claim.

    For one thing, it's hubris at best and marketing bumpf at worst to claim "100% unhackable". There are no such systems. Security is a continuum and the goal of a perfectly secure system is not reachable under any realistic conditions. In principle a perfectly secure system can only be achieved by a computer with no network, no console, no interface, and no user. All I/O of every kind has to be systematically prohibited. And even then there may be a way to hack in!

    http://www.infoworld.com/article/295...urity-lie.html

    The second criticism is that this sounds an awful lot like ASLR, which has been implemented in Windows for quite a while now, since Vista I believe.

    The third criticism is that the testing process appears to be totally internal to this company and the company is seeking investment funding. So the company has no independent proof of their claims and strong incentive to be ah, enthusiastic about their tech. Does any company ever issue a press release saying "we have a marginally useful technology with no hope of mass commercial adoption!"?

    Perhaps they have some interesting security tech, that could very well be true. However point security solutions, or single security approaches, have never generated sufficiently good outcomes to declare security "a done deal." Security is a process and not a product.

  6. #6
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts
    promises, promises

    While it is easy to create a more secure OS than Windows there is no such thing as an unhackable OS nor can there ever be.

  7. #7
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts
    Quote Originally Posted by BruceR View Post
    Like what? As it's too many for you to count, just give me one or two.
    IE, activeX lol

  8. #8
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,186
    Thanks
    47
    Thanked 983 Times in 913 Posts
    IE and activex are not W10 products, they have been replaced by Edge.

    cheers, Paul

  9. #9
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts
    And why is that Paul?

  10. #10
    5 Star Lounger
    Join Date
    Mar 2010
    Location
    east coast
    Posts
    701
    Thanks
    89
    Thanked 8 Times in 8 Posts
    sorry
    but you are wrong

    it is possible to ARCHITECT design and build a SYSTEM (hardware software and more subsystems) that is completely secure

    i did it in the 80s

    i know a company that did it in the 80s also -- on a usaf contract

    what you cant do is add on security to windows after the fact nor fix the shortcomings in intels chip with gimmics in the bios or software

    you need a totally new architecture for hardware and software but it can be done

    nsa does not want you to have a secure system



    Quote Originally Posted by BHarder View Post
    The interwebs are skeptical of this company and their claim.

    For one thing, it's hubris at best and marketing bumpf at worst to claim "100% unhackable". There are no such systems. Security is a continuum and the goal of a perfectly secure system is not reachable under any realistic conditions. In principle a perfectly secure system can only be achieved by a computer with no network, no console, no interface, and no user. All I/O of every kind has to be systematically prohibited. And even then there may be a way to hack in!

    http://www.infoworld.com/article/295...urity-lie.html

    The second criticism is that this sounds an awful lot like ASLR, which has been implemented in Windows for quite a while now, since Vista I believe.

    The third criticism is that the testing process appears to be totally internal to this company and the company is seeking investment funding. So the company has no independent proof of their claims and strong incentive to be ah, enthusiastic about their tech. Does any company ever issue a press release saying "we have a marginally useful technology with no hope of mass commercial adoption!"?

    Perhaps they have some interesting security tech, that could very well be true. However point security solutions, or single security approaches, have never generated sufficiently good outcomes to declare security "a done deal." Security is a process and not a product.

  11. #11
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,374
    Thanks
    235
    Thanked 147 Times in 136 Posts
    Quote Originally Posted by speedball View Post
    sorry
    but you are wrong

    it is possible to ARCHITECT design and build a SYSTEM (hardware software and more subsystems) that is completely secure

    i did it in the 80s

    i know a company that did it in the 80s also -- on a usaf contract

    what you cant do is add on security to windows after the fact nor fix the shortcomings in intels chip with gimmics in the bios or software

    you need a totally new architecture for hardware and software but it can be done

    nsa does not want you to have a secure system

    and is it still in use (hopefully)?
    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  12. #12
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,186
    Thanks
    47
    Thanked 983 Times in 913 Posts
    Quote Originally Posted by Fascist Nation View Post
    And why is that Paul?
    You have not provided an example of the holes you claim are in W10. Are you admitting defeat?

    cheers, Paul

  13. #13
    4 Star Lounger
    Join Date
    Jan 2010
    Location
    Fort McMurray, Alberta, Canada
    Posts
    561
    Thanks
    51
    Thanked 68 Times in 66 Posts
    There's always a weak spot, in any production system with realistic operating conditions. If the OS is secure then the applications can be weak. If the apps are secure then the network is the target. If the network is secure then the user is the point of entry.

    I've always been fascinated by bank vaults, the really elaborate ones. All stainless steel, chrome, locks, alarms. Yet every single one can be breached. It's just a question of how skilled the attacker is, how much time and resources they have, and how determined they are. In fact companies routinely require access to a locksmith or vendor who can do this just in case the vault owner accidentally locks themselves out, or an employee goes rogue, or something else bad happens.

    The other issue is that increasing levels of security routinely come at the expense of convenience and usability. High security systems are often annoying and inconvenient to use, or they are expensive or inflexible. When the usability factors get bad enough then authorized users start to bypass or circumvent, either specific security features or the entire system. Which is naturally counterproductive!

    My conclusion is that the ultimate security is people. When you detect an attack you can raise the alarm and the good guys come and intervene with the bad guys. And if the bad people outnumber the good people, and are still determined, then you are really in trouble.

    Security isn't pointless but it is a continuum, with the maximum goal of 100% security being unattainable.

  14. #14
    5 Star Lounger
    Join Date
    Oct 2013
    Location
    Phoenix, AZ
    Posts
    926
    Thanks
    554
    Thanked 137 Times in 128 Posts
    Quote Originally Posted by Paul T View Post
    You have not provided an example of the holes you claim are in W10. Are you admitting defeat?

    cheers, Paul
    I am not the one who made the claim. But with as many lines of code and with MS' penchant for giving the finger to security and stability for speed I know Win10 like all OS is riddled with flaws that will soon be exploited...if MS doesn't destroy Win10 first.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •