[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Windows is 100% self-modifying assembly code? (Interesting security theory)





On 12/9/2010 8:39 PM, John Jester Wilham Patrick III wrote: 

>
>From                       Andrew Auernheimer's Diary / irc memories:
>
>Windows is written in pure,                         self-modifying assembly 
>code. Notice how you can                         install 15 gigs of data from 
>a 

>single Windows                         install DVD, which can only hold 5 
>gigs? 

>This is                         because the code is dynamically generated 
>to                         
>
>minimize attack vectors. Any attempt to observe                         the 
>static files on the disk will change how it                         looks in 
>runtime. This is also why Windows needs                         to be updated 
>so 
>
>often, so the running code                         never looks like it did 
>before.
>
>Does this sound true to you guys? Windows does seem                     to 
>have 

>updates that take forever and speed wise it                     always felt 
>there was something going on.  Whenever                     I leave my laptop 
>alone, even when it's offline,                     indexing off, the computer 
>is 
>
>always working on                     stuff and you new know what it is.
>
>Maybe all applications with Windows compile on                     runtime for 
>dynamic binaries, yet through .net's                     open, user-friendly 
>API 
>
>are still compatible?
>
>Balmer said he wanted to make Vista and 7 an OS that                     would 
>not slow down after usage, but instead speed                     up. Windows 
>is 

>constantly reprogramming itself to                     suit the behavior of 
>it's 
>
>users and performing                     security and performance auditing.
>
>This is likely true - Think about it:
>
>All viruses are just malicious scripts. It's like                     saying 
>*nix is insecure because script kiddies                     compile binaries 
>and 
>
>bash scripts that rm /.
>
>No one ever has ever had an attack vector against                     Windows 
>7 

>or Vista. Please confirm.
>  

Rofl!!! Do you seriously think that something that cool would be so crappy? Ive 
heard of several attack vectors against windows 7 and vista, they are just 
'new' 
and the whitehat scene hasn't caught up quite yet. As for the inconsistent 
storage size with installation, there is this nifty little thing called 
compression, and most operating systems I know of have to dynamically create 
certain files needed for post-installation, but that doesn't mean that it's 
100% 
dynamic code. Just some of it is necessary dynamic data. Afterall any c program 
can get 'fat' during runtime by calling malloc one too many times :P Not to 
mention the documentation on PE would totally screw with the whole constant 
self-modification, you risk the chance of fucking with the binary portability 
windows loves to bed with so much. And it has to be updated so often cause of 
two reason 1.) It sucks and needs fixin or 2.) Operating systems simply go 
through lots of change. Didn't linux used to be called the 'kernel-of-the-month 
operating system'?

End point: you fail, commit seppuku.

Sincerely,
Some Kid....



      

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/