Windows 8: Microsoft joins Apple camp
Windows 8 is definitely oriented toward PCs with touch displays. It breaks the interface compatibility that had existed since
Windows 95 (almost 20 years). And it does not bring much to the table for long-time Windows users. On the contrary, it makes
a lot of things more difficult. One of my concerns is that they hid the command line wherever possible. For
example, Run is now available only from Control Panel.
IMHO Windows 8 is OK for regular users, but can be problematic for power users and enthusiasts. So try a Windows 8
PC without a touch screen in a store before you buy one. For long-time Windows users, Windows 7 is a safer bet.
My feeling is that Windows 8 does not provide a return on the investment in learning a new interface for those who do not have
a touch screen.
Also, the one-dimensional nature of the new "startup tiles" is heavily biased toward touch screen users, which for desktops are
limited to all-in-one PCs. Metro UI was often counterintuitive when running on a desktop PC with a traditional keyboard and mouse.
Windows 8 makes the PC more like a consumer-oriented appliance than the traditional multi-purpose Windows machine to which the line
of Microsoft OSes from Windows 3.1 to Windows 7 used to belong. Now there is a distinct Apple flavor of closed ecosystem,
which many consumers might like and enjoy. Tiles that are automatically updated on the new "full-screen" start-up screen are
actually pretty cute, and the default installation is populated with Amazon, Ebay, Weather, Finance and other tiles.
The key attraction of Windows 8 is better security, as this is the first version of Windows released after the Stuxnet and
Flame Trojans were discovered. Microsoft was essentially smashed in the face by those Trojans, which showed glaring holes in its
security architecture, including the security of Windows updates.
Here are some of the security measures that Microsoft implemented in Windows 8:
With Windows XP SP2, we began creating defenses called mitigations
that make it difficult to develop reliable exploits for security vulnerabilities. Each subsequent version of Windows
has continued to expand and improve on these mitigations, because a single mitigation feature can break an entire class
of exploits. Windows 8 includes mitigation enhancements that further reduce the likelihood of common attacks. Some of
these improvements include:
- Address Space Layout Randomization (ASLR).
ASLR was first introduced in Windows Vista and works by randomly shuffling the location of most code and data
in memory to block assumptions that the code and data are at same address on all PCs. In Windows 8, we extended
ASLR’s protection to more parts of Windows and introduced enhancements such as increased randomization that will
break many known techniques for circumventing ASLR.
- Windows kernel. In Windows 8, we bring many of the mitigations to the Windows kernel that previously
only applied to user-mode applications. These will help improve protection against some of the most common type
of threats. For example, we now prevent user-mode processes from allocating the low 64K of process memory, which
prevents a whole class of kernel-mode NULL dereference vulnerabilities from being exploited. We also added integrity
checks to the kernel pool memory allocator to mitigate kernel pool corruption attacks.
- Windows heap. Applications get dynamically allocated memory from the Windows user-mode heap. Major redesign
of the Windows 8 heap adds significant protection in the form of new integrity checks to help defend against many
exploit techniques. In addition, the Windows heap now randomizes the order of allocations so that exploits cannot
depend on the predictable placement of objects—the same principle that makes ASLR successful. We also added guard
pages to certain types of heap allocations, which helps prevent exploits that rely on overrunning the heap.
- Internet Explorer. “Use-after-free” vulnerabilities represented nearly 75% of the vulnerabilities reported
in Internet Explorer over the last two years. For Windows 8, we implemented guards in Internet Explorer to prevent
an attacker from crafting an invalid virtual function table, making these attacks more difficult. Internet Explorer
will also take full advantage of the ASLR improvements provided by Windows 8.
... ... ...
- Improved protection for all types of malware. The improvements to Windows Defender will help protect you from
all types of malware, including viruses, worms, bots and rootkits by using the complete set of malware signatures from
Microsoft Malware Protection Center, which Windows Update will deliver regularly along with the latest
Microsoft antimalware engine. This expanded set of signatures is a significant improvement over previous versions,
which only included signatures for spyware, adware, and potentially unwanted software.
In addition, Windows Defender will now provide you with real-time detection and protection from malware threats using
a file system filter, and will interface with Windows secured boot, another new Windows 8 protection feature.
When you use a PC that supports UEFI-based Secure Boot (defined in the
UEFI 2.3.1 specification), Windows secured boot will help ensure that all firmware and firmware updates are secure,
and that the entire Windows boot path up to the antimalware driver has not been tampered with. It does this by loading
only properly signed and validated code in the boot path. This helps ensure that malicious
code can’t load during boot or resume, and helps to protect you against boot sector and boot loader viruses, as well
as bootkit and rootkit malware that try to load as drivers.
The same interfaces for secured boot used by Windows Defender, as well as all APIs used by Windows Defender, are
available for use by our antimalware partners to deliver additional protection to Windows customers.
- Improved user experience. We have designed Windows Defender to be unobtrusive for most daily usage, and
will notify you only when you need to perform an action, or critical information demands your attention. Windows
Defender will also use the new Windows 8 maintenance scheduler to limit interruptions.
- Improved performance. Traditional antimalware technologies are well known for impacting system
performance. It’s not uncommon that running antimalware software doubles the amount of time required for core scenarios
like file copy and boot. As you read in last week’s
blog entry, we have a lot of people working on system performance and Windows Defender dramatically improves
performance on all key scenarios compared to common antimalware solutions on Windows 7, while maintaining strong
protection. For example, Windows Defender with its full protection functionality enabled adds only 4% to boot time,
while dramatically reducing CPU time during boot by 75%, disk I/O by around 50MB, and peak working set by around 100MB.
These same improvements benefit energy efficiency, meaning Windows Defender consumes less power, and gives you longer
... ... ...
Since its release, the SmartScreen filter has used URL reputation to help protect Internet Explorer customers from
more than 1.5 billion attempted malware attacks and over 150 million attempted phishing attacks.
Application reputation, a new feature added to SmartScreen in Internet Explorer 9, provides an additional layer
of defense to help you make a safer decision when URL reputation and traditional antimalware aren’t enough to catch
the attack. Telemetry data shows 95% of Internet Explorer 9 users are choosing to delete or not run malware when they
receive a SmartScreen application reputation warning.
In Windows 8, SmartScreen will only notify you when you run an application that has not yet established a reputation
and therefore is a higher risk.
SmartScreen uses a marker placed on files at download time to trigger a reputation check. All major web browsers
and many mail clients, and IM services already add this marker, known as the “mark of the web,” to downloaded files.
We expect average users to see a SmartScreen prompt less than twice per year and when they do see it, it will signify
a higher risk scenario. Telemetry data shows 92% of applications downloaded via Internet Explorer 9 already have an
established reputation and show no warnings. The same data shows that when an application reputation warning is shown,
the risk of getting a malware infection by running it is 25-70%. And SmartScreen gives you administrative controls to
prevent your non-techie friends or children from ignoring these warnings.
We’ve seen dramatic results with this approach in Internet Explorer and we’re happy to bring it to a broader set
of Windows scenarios.
Windows Defender looks like a renamed Microsoft Security Essentials to me ;-).
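The "mark of the web" mentioned in the quoted Microsoft post is stored by Windows as an NTFS alternate data stream named Zone.Identifier, an INI-style text with a [ZoneTransfer] section and a ZoneId value. The Python below is an added example, not code from Microsoft or from this page; it parses that stream and sorts files by what the marker says about their origin. The sample stream contents, the file names and the triage rule (zones 3 and 4 count as "from the web") are assumptions made for illustration.

```python
import configparser
import sys
from typing import Optional

# URL security zone numbers that Windows writes into the marker.
ZONES = {0: "Local machine", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}

# Constructed sample data: file name -> Zone.Identifier contents (None = no stream).
SAMPLES = {
    "setup.exe": ("[ZoneTransfer]\r\nZoneId=3\r\n"
                  "ReferrerUrl=https://downloads.example.invalid/\r\n"
                  "HostUrl=https://downloads.example.invalid/setup.exe\r\n"),
    "intranet-tool.exe": "[ZoneTransfer]\r\nZoneId=1\r\n",
    "built-locally.exe": None,
    "tampered.exe": "[ZoneTransfer]\r\nZoneId=abc\r\n",
}


def parse_zone_identifier(text: str) -> dict:
    """Return the [ZoneTransfer] fields (keys lower-cased), or {} if malformed."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    # Drop a possible BOM and normalise CRLF line endings before parsing.
    cleaned = "\n".join(text.lstrip("\ufeff").splitlines())
    try:
        parser.read_string(cleaned)
    except configparser.Error:
        return {}
    if not parser.has_section("ZoneTransfer"):
        return {}
    return dict(parser.items("ZoneTransfer"))


def zone_id(text: str) -> Optional[int]:
    """Extract ZoneId as an integer, or None when missing or not a number."""
    fields = parse_zone_identifier(text)
    try:
        return int(fields["zoneid"])
    except (KeyError, ValueError):
        return None


def read_mark(path: str) -> Optional[str]:
    """Read the marker stream of a file on NTFS; None if absent or unsupported."""
    try:
        with open(path + ":Zone.Identifier", "r",
                  encoding="utf-8", errors="replace") as fh:
            return fh.read()
    except OSError:
        return None


def triage(marker: Optional[str]) -> str:
    """Classify a file by its marker (illustrative rule, not SmartScreen's own)."""
    if marker is None:
        return "unmarked"            # nothing recorded at download time
    zid = zone_id(marker)
    if zid is None or zid not in ZONES:
        return "malformed"           # stream exists but cannot be trusted
    return "from-web" if zid >= 3 else "local-or-trusted"


def triage_samples() -> dict:
    """Run the triage over the constructed samples."""
    return {name: triage(marker) for name, marker in SAMPLES.items()}


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # On Windows/NTFS: inspect real files given on the command line.
        for path in sys.argv[1:]:
            print(f"{path}: {triage(read_mark(path))}")
    else:
        for name, verdict in triage_samples().items():
            print(f"{name}: {verdict}")
```

Files that report "unmarked" or "malformed" are the ones worth a second look during triage, since the download-time marker is either missing or has been altered.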
- [Sep 13, 2015] Microsoft pushes Windows 10 upgrade to PCs without user consent By Gregg Keizer ( Sep 11, 2015 | Network World )
- [Oct 18, 2013] Microsoft releases Windows 8.1, in restart
- [May 30, 2013] Microsoft Windows 8.1 Features Detailed Start Button Revival and App Improvements on The Way ( ABC News )
- [Mar 12, 2013] Slick trick $5 tool runs Modern apps on the Windows 8 desktop By Gregg Keizer ( March 12, 2013 | Computerworld )
- [Dec 15, 2012] What is the difference between Windows 8 Pro and Pro Pack with Windows - Microsoft Community
- [Dec 10, 2012] ASUS VivoBook X202E-DH31T 11.6-Inch Touch Laptop
- Dell Inspiron i660-3036BK Desktop Computers & Accessories ( Amazon.com )
- Protecting you from malware - Building Windows 8 - Site Home - MSDN Blogs
- [Nov 30, 2012] Whats the price of a new Windows 8 zero-day vulnerability by Jeremy Kirk ( November 2, 2012 | Computerworld )
- [Nov 30, 2012] Microsoft joins malware, ad teams to fight click fraud ( Computerworld )
With Windows 10, Microsoft is doing a great job of destroying user trust. It looks like the Windows OS itself
has become malware...
"..."For those who have chosen to receive automatic updates through Windows Update, we help
customers prepare their devices for Windows 10 by downloading the files necessary for future installation,"
a company spokeswoman said in an email. "This results in a better upgrade experience and ensures the
customer's device has the latest software. This is an industry practice that reduces time for installation
and ensures device readiness." "
"...The upgrade, which can range in size from more than 3GB to nearly 6GB, is placed in the
hidden "$Windows.~BT" folder, a long-used destination for Windows upgrades. It will sit there, presumably
until the user expresses some kind of desire to install Windows 10. "
"..."I had to travel recently, so I took a laptop with [a] clean Windows 8.1 Pro install," wrote
one such user, identified only as
"X.25" on Slashdot.
"At my destination, I purchased a SIM (they only had 1GB data packages) and put it into the 3G/Wi-Fi
router I carry. I powered the laptop, connected to [the] Internet via said router, checked [a] few things,
then went away for [a] few hours. When I got back to [the] apartment, my data package (and Internet
connectivity) was killed because [the] Microsoft idiots decided to start downloading Windows 10 even
though I have explicitly closed/rejected all the 'offers.'" "
Microsoft confirms it has been silently downloading massive upgrade
to Windows machines via automatic updates, chewing up bandwidth and storage space
Microsoft today confirmed it has been pre-loading the Windows 10 installation bits onto devices
whose owners have not "reserved" a copy or expressed interest in the new OS.
The move has upset some users of Windows 7 and Windows 8.1, who have complained that the unsolicited
downloads have caused them to exceed their Internet providers' data caps or seized storage space
without their consent.
In a statement, Microsoft acknowledged the practice, which was first reported by The Inquirer on Thursday.
"For those who have chosen to receive automatic updates through Windows Update, we help customers
prepare their devices for Windows 10 by downloading the files necessary for future installation,"
a company spokeswoman said in an email. "This results in a better upgrade experience and ensures
the customer's device has the latest software. This is an industry practice that reduces time for
installation and ensures device readiness."
If Windows 7 or Windows 8.1 device owners have Windows Update set to the default -- and Microsoft-recommended
-- option that lets the operating system download and install security and other bug fixes automatically
in the background, Microsoft will push the Windows 10 upgrade files to the drive.
The upgrade, which can range in size from more than 3GB to nearly 6GB, is placed in the hidden
"$Windows.~BT" folder, a long-used destination for Windows upgrades. It will sit there, presumably
until the user expresses some kind of desire to install Windows 10.
Microsoft has been pre-loading the Windows 10 upgrade on systems since late July, but it was
thought that the practice had been limited to PCs whose owners had accepted Microsoft's free offer
and "reserved" a copy through an app the Redmond, Wash. company
automatically installed this spring and early summer on virtually all consumer PCs running Windows
7 Home and 8.1 Home, and on many machines powered by Windows 7 Professional and Windows 8.1 Pro.
After the Windows 10 upgrade was downloaded to the device, the user was notified through the app
that it was ready to install.
This new scheme, however, is vastly different in that the bits are downloaded to the device even
though the user has not asked for the upgrade.
Not surprisingly, among the first to notice the I-did-not-ask-for-this upgrade were people who
have data caps mandated by their Internet service providers (ISPs), particularly those who relied
on a cellular connection to the Internet.
Several commenters in a long thread on Slashdot claimed that they had exceeded their caps because
Microsoft downloaded the massive upgrade to their hardware without their approval.
"I had to travel recently, so I took a laptop with [a] clean Windows 8.1 Pro install," wrote one
such user, identified only as "X.25" on Slashdot. "At my destination, I purchased a SIM (they only had 1GB data packages) and put it
into the 3G/Wi-Fi router I carry. I powered the laptop, connected to [the] Internet via said router,
checked [a] few things, then went away for [a] few hours. When I got back to [the] apartment, my
data package (and Internet connectivity) was killed because [the] Microsoft idiots decided to start
downloading Windows 10 even though I have explicitly closed/rejected all the 'offers.'"
Others didn't appreciate the unwelcome guest that dropped into their limited storage space. Anyone
with a 128GB SSD (solid-state drive), for example, would be concerned if 5% of their storage capacity
was occupied without their okay.
Some also wondered whether Microsoft would take the next logical step by either dunning users
with notifications urging them to apply the already-installed upgrade, or make the much more unlikely
move of automatically triggering the upgrade.
The former would, frankly, not be that different from what Microsoft has already done with those
who accepted the free upgrade and reserved a copy. It's possible that many on the receiving end of
such notifications would approve the upgrade, and even appreciate the fact that they did not have
to wait for a long download to complete before upgrading. The latter, however, would be unprecedented,
and would almost certainly fuel a firestorm of protest.
Microsoft did not immediately reply to follow-up questions about its intentions.
What is also interesting about the upgrade-prep is Microsoft's defense, that it's an "industry practice."
Although that may be true in limited instances --
Google's Chrome browser, for example,
regularly pre-loads updates, which are then automatically installed the next time the application
is launched -- as far as Computerworld knows, it's never been done with either an operating
system or software that demands installation files of this size. The most common practice for operating
systems, by far, is to begin downloading an upgrade only after the user has been notified, and then
approved the procedure.
Wes Miller, an analyst with Directions on Microsoft, agreed. "I've seen some tiny apps do it for
updates. But not for an OS upgrade," Miller said in an email answer to a question asking whether
he recalled any similar examples.
This story, "Microsoft pushes Windows 10 upgrade to PCs without user consent" was
originally published by
San Francisco (AFP) - Microsoft released Windows 8.1 on Thursday, after tweaking the operating system designed for various
devices that had confused some users.
update is free for those using Windows 8, released last year to help Microsoft navigate the transition from traditional
personal computers to mobile devices such as
The revamped version brings back the "start" button, which disappeared last year and prompted protests from some PC users
unaccustomed to the tiled menu adapted for
"We are getting meaningful feedback through telemetry -- anonymous user telemetry. We see how customers are using the
product, that's a big set of data points," she explained.
Microsoft plans to detail the exact changes in Blue over the next couple of months. However, even before Blue or Windows 8.X
is released Reller said there will be significant new apps coming to the app store and a series of new computers with higher
resolution screens and thinner designs arriving in time for back-to-school season.
"People are continuing on using the product," she said. "We want to shorten the learning curve with customers."
...Stardock, best known to Windows 8 users for Start8, software that
restores the Start button and menu, shipped a beta of ModernMix on March 6.
As it did with Start8, Stardock priced the ModernMix beta at $5 and promised
buyers the final software when it's released later this month or in early
Once installed, ModernMix lets Windows 8 users run Modern apps -- still
labeled "Metro" by most outside Microsoft -- within a Win32 frame on the
desktop, eliminating the need to switch from the familiar Windows 7-style
user interface (UI) to the newer, and to many, the jarring tile-based UI of
the Janus-like OS.
Because the Modern apps run inside a traditional desktop window, they can be
resized, which is impossible on the Modern UI, where every app defaults to
full-screen, and at best can share the display with only one other app.
For a limited time, Microsoft is offering windows 8 Pro upgrade from their site for only 39 dollars and offering media
center for free as well until January 31st
No... Windows 8 Pro upgrade will upgrade you from xp, vista, 7 to windows 8 pro. The pro pack on the other
hand requires you have windows 8 installed and upgrades you to windows 8 pro. It is sort of like going from XP
Home to XP pro. However, the Windows 8 pro pack does include media center but you
can purchase that online once you install the windows 8 pro.
Also for a limited time, Microsoft is offering windows 8 Pro upgrade from their site for only 39 dollars and offering
media center for free as well until January 31st This is how I acquired my upgrade. I upgraded from 7 home
premium to 8 pro then got my free product key for media center. Get your copy today for only $39.00
In Acronis you need to boot from the CD and copy the whole disk. Then restore the whole disk.
X202e hardware update, December 5, 2012
Clayton Abrams (Lincoln, CA) -
This review is from: ASUS VivoBook X202E-DH31T 11.6-Inch Touch Laptop (Personal Computers)
I was able to update the X202e to a 250G Samsung SSD drive. The increased performance is outstanding and almost unbelievable.
I could not clone the factory 500 Gbyte drive. Most cloning software will not work like Acronis etc. They get upset
with a Win 8 partition on the system (GPT?). I may have that name incorrect. I tried for three days without success
and felt it was mission impossible.
Microsoft Windows 8 has a binary backup and restore function. Look at the Win 8 Control Panel to find it. I tried
dozens of times to use it, but for some reason all backups failed using the Asus 500 G Drive. Not sure why this function
will not work. When I installed the SSD drive the Microsoft 8 built in binary backup/restore worked 100% the first time.
I finally did a new clean install on the Samsung 250G SSD drive using a USB CDROM. I used a Microsoft Win 8 install
DVD. The install was so clean and simple I concluded this is the only method to use. I found a lot of strange things
happen with the initial install. Of course I needed more drivers.
I then went to the Asus Web Site and downloaded all drivers. There were about 20 drivers. Once installed as far as
I can tell everything works as the laptop comes from the factory. Of course none of the 3rd party software was there.
That's OK with me.
Now looking for a replacement battery. Found one for $115, will wait on this. Saw a Youtube Video on CPU update.
This looks very easy to do.
This X202e sure is a great hardware platform for updates and upgrades.
Hope this helps, Clay
This is a typical minitower with Windows 8 installed. Was $480 on Black Friday directly from Dell (tax and shipping
Prices on Amazon fluctuate so you need to compare with Dell direct price before buying. Shipping is quicker for Amazon.
This is a typical consumer minitower with Windows 8 installed (a regular version, not a pro version but you can upgrade
to Windows 8 Pro for $70). IMHO Windows 8 is OK for regular users, but can be problematic for power users and enthusiasts.
So try any Windows 8 PC without touch screen in store, before you buy this model. A similar model can be bought with
Windows 7 instead of Windows 8 (see model Dell Inspiron i660-6029BK). For long time Windows users Windows 7 is a safer
bet. My feeling is that Windows 8 does not provide return on investment in learning a new interface for those who do
not have a touch screen.
This model uses built-in Intel video. There is also a similar model with NVIDIA GT 620 (i660-4032BK). The latter
is better for gamers. Does not matter for anybody else.
The tower has one free bay for an additional harddrive, but just two memory slots on the motherboard (both used by
4 GB RAM sticks). It has two USB 3.0 ports which is very important for photo-enthusiasts and for backups of your data.
Large drive guarantee that you will not run out of space for a long time (although photo-enthusiasts would be better
off by buying additional mirrored USB 3.0 drive or installing the second drive into computer).
Like other consumer-oriented Dell machines it is very well built and piano-black looks very attractive on the table
(I would say not worse than the more expensive OptiPlex 9010, which would be the competing Dell offering).
It has regular analog VGA port and HDMI port. So it can support two monitors configuration (you need a cable to convert
HDMI to DVI for older monitors to connect the second monitor).
The PC also has a slot for SD cards, for which you often pay extra on other Dell models.
Because Windows 8 is installed, booting is very fast (actually, instead of a full boot Windows 8 simply wakes up from hibernation
to cut time). Please note that it has secure boot enabled, so to create a dual boot environment (I did not try this myself)
you need to disable it first. You might need the second harddrive too. Speed of browsing is limited by the speed of your
Internet connection. As it has an i5 CPU it can perform multiple tasks simultaneously without sweating.
Windows 8 installation makes it more like a consumer-oriented appliance than a traditional multi-purpose Windows machine
to which the line of Microsoft OSes from Windows 3.1 to Windows 7 used to belong. Now there is a distinct flavor of an Apple-style
closed ecosystem, which many entry-level users might like and enjoy, but which annoys power users and PC enthusiasts.
Tiles that are automatically updated on a new "full-screen" start up screen are actually pretty cute and default installation
is populated with Amazon, Ebay, Weather, Finance and other tiles.
If you are a computer science student or just a hobbyist who likes to tinker with OS and hardware you might be better
served by a similar model with Windows 7 (i660-4032BK) which actually is priced lower, or by OptiPlex 9010 which also
can be bought with Windows 7 and recovery disks. The latter (OptiPlex 9010) allows hardware mirroring of hard drives.
But for a regular consumer this is a perfect desktop which will serve 3-5 years without problems. Please note that
Windows 8 provides good built-in free virus protection (Windows Defender). I would delete the McAfee trial that Dell preinstalls
as IMHO it's useless and represents a Windows insecurity tax which security companies try to force you to pay, but your
mileage may vary. In any case do not pay for an extension when the trial expires, as the built-in protection (Windows Defender)
is adequate for most consumers, and for those for whom it is inadequate McAfee will be inadequate too. In view of the complexity of
modern malware you are better off using a second PC dedicated to financial and other important transactions instead of
paying AV companies for illusionary protection.
Another important thing for consumer is that recovery from virus infections can be much easier due to built in ability
of Windows 8 to restore the default configuration. This is a feature of all PCs with Windows 8 installed not only this
Note: Keyboard supplied with the machine looks very nice and is adequate for occasional typing. If you spend long
hours typing you better change it to more professional keyboard like Microsoft Natural Ergonomic Keyboard 4000. The
same is true about the mouse provided with the tower.
- TPM Bob
15 Sep 2011 1:59 PM
Will Win8 use the mandatory integrity labels more aggressively than Win7?
For example, will it be used for more than just IE, will there be new GUI or command-line tools for it, will there be
Group Policy support for setting these integrity labels and associated read/write/execute rules? Thanks!
15 Sep 2011 2:16 PM
You are very vague. Explain clearly: Is Windows Defender now the same as
Security Essentials or is Essentials still a superset of Defender? You talk about realtime protection. I thought Defender
already includes a realtime protection. What has changed? Again vague and unclear. Is Defender in Windows 8 a true antivirus
product then or not? What features are still missing for example? Be clear. You are evasive. Microsoft is always vague
like this especially in your documentation. Say it clearly, we are implementing this and not implementing the other
thing. Be clear please.
15 Sep 2011 2:28 PM
Microsoft is always vague everywhere. In their documentation, MSDN, everywhere.
Compare this to Google's crystal clear posts and developer documentation. Anyway: What does "Interfacing with secure
boot" mean exactly? It can mean one hundred things. What do you do exactly? And why do you separate realtime protection
from other types of protection. You say you provide enhanced protection against most malware and yet below you talk
about realtime protection. Why? Is realtime separate. When I buy an antivirus realtime protection is understood to be
part of the "protection" not extra. And you mean to say the Defender did not have realtime protection before? Again
be clear like Google.
15 Sep 2011 2:33 PM
I'm going to have to disagree with you Anon. I find MSDN documentation to be way better than any other documentation
library I've used. Is it perfect? no. But it is really good.
15 Sep 2011 4:59 PM
"Windows Defender with its full protection functionality enabled adds only
4% to boot time, while dramatically reducing CPU time during boot by 75%, disk I/O by around 50MB, and peak working
set by around 100MB."
Excellent work. Compare to these figures:
I've never heard of UEFI Secure Boot - are you going to do a separate post on that subject?
As a matter of comparison, what would be the most secure system, of:
* Windows 8 running Defender
* Windows 8 with Defender disabled but this Group Policy setting enabled:
Security Settings\Local Policies\Security Options: ValidateAdminCodeSignatures
- Chief Scientist
15 Sep 2011 8:58 PM
Do a Bing search on the recent malware attacks to OS X. Then say that OS X is more secure. Windows has more attackers
specifically because it has 90% marketshare. Why even target something with 3% when you're getting paid for the number
of computers either taken over or infected?
And yes, as indicated in the article above, Microsoft has done studies
on how often the user clicks "yes" continue and has a problem and when they click "yes" and don't. Please read the article
I also agree with the guy who said that "how security prevents attacks should be kept vague", and you should too,
unless you're a hacker, that is.
4 Oct 2011 6:46 PM
one feature which would DRAMATICALLY reduce the attack surface (at least
for a while) of windows is the capability of turning wow64 off (making it a windows feature), like here:
that means, no 32 bit malware can run. at all. we have 64 bit IE, FF (waterfox, pale moon at least), flash, java,
silverlight (in rc, stable before the end of year), so it actually starts to make sense! there's also 64 bit office,
total commander, utorrent, 7-zip, ... so it would be a great help for casual users! please port your common apps to
64 bit (like wmp and windows live essentials)!
if it's not possible in windows 8 as of yet, please, please make it so for the release! thank YOU!!
10 Oct 2011 11:38 AM
There exists some issue with MSE and AutoHotkey compiler. See
Just tested it, it exists in Windows Developer Preview too. Please fix this for the beta. When you start compiling an
AHK script into an EXE, CPU usage increases if MSE is running, everything stops responding and sometimes script compilation
11 Oct 2011 12:43 AM
The lack of protection (obsolete/not-updated antimalware) often comes from the fact that home computers come with some
preinstalled 3rd party "antivirus" (either running on a "trial" license or on a regular time limited one) now, more
often than not, people won't care (or notice) about that license expiration and will keep running the system even if
the AV isn't "working" anymore and this, by the way, leaves such systems unprotected since the AV will be out of date
and the native Windows Defender will, in most cases be disabled (by the AV). To help avoiding such a situation, I think
that Microsoft should arrange things so that, in case a given installed 3rd party AV will "expire", the AV itself should
disable (or partially disable) its protection and re-enable the windows defender so that the system will have at least
a line of defence; I believe that Microsoft should enforce such an approach and ensure that all 3rd party antimalware
brands will follow such a guideline since this may greatly help reducing the impact of malware
It's not exactly the type of advertisement most people would understand.
For sale: "Our first 0day for Win8+IE10 with HiASLR/AntiROP/DEP & Prot Mode sandbox bypass (Flash not needed)." It's
part of a recent message on Twitter from
Vupen, a French company that specializes in finding vulnerabilities in widely used software from companies such as
Microsoft, Adobe, Apple and
Vupen occupies a grayish area of computer security research,
selling vulnerabilities to vetted parties in governments and companies but not sharing the details with affected software
vendors. The company advocates that its information helps organizations defend themselves from hackers, and in some
cases, play offense as well.
Vupen has found a problem somewhere in Microsoft's new
Windows 8 operating system and its Internet Explorer 10 browser. The flaw has not been publicly disclosed or fixed
by the company yet.
Vupen's finding is one of the first issues for Windows 8, released last week, and Internet Explorer 10, although
vulnerabilities have since been found in other third-party software that runs on Windows 8.
Dave Forstrom, Microsoft's Trustworthy Computing director, said the company encourages researchers to participate
in its Coordinated Vulnerability Disclosure program, which asks that people give it time to fix the software problem
before publicly disclosing it.
"We saw the tweet, but further details have not been shared with us," Forstrom said in a statement.
The Twitter message, written on Wednesday, implies the vulnerability would allow a hacker to bypass security technologies
contained within Windows 8, including high-entropy Address Space Layout Randomization (ASLR), anti-Return Oriented Programming
and DEP (data execution prevention) measures. The company also indicates it is not dependent on a problem with Adobe
Systems' Flash multimedia program.
"Certainly, if the bug is confirmed, then this could be a black eye for Microsoft having their brand new and touted
most secure platform already found flawed just after its public release," said Andrew Storms, director of security operations
The market opportunity for a successful exploit may be limited due to the recent release of Windows 8, but "on the
other hand, nobody has confirmed this bug isn't also functional on older version of Windows or IE," Storms said.
Jody Melbourne, a penetration tester and senior consultant with the Sydney-based Australian security company HackLabs,
said the vulnerability could be useful to third-party Microsoft developers interested in stealing code-signing certificates
or source code.
So what's the vulnerability worth? It's hard to say. Vupen doesn't publish a public price list. But Melbourne said
"the value of the bug will only increase with time, of course, the longer Vupen sits on it and if no one else stumbles
Microsoft is linking malicious software analysts with online advertising fraud experts in an effort to disrupt click
fraud, a scam where advertisers pay for worthless clicks.
The Microsoft Malware Protection Center (MMPC) will work with the online forensics team within Bing Ads, the company's
online advertising system formerly known as adCenter,
wrote Nikola Livic, an MMPC software developer.
Large data sets on malware will be correlated with clicks on advertising in order to detect potentially fraudulent
behavior, Livic wrote.
"We are taking two relatively disparate domains of expertise and tools, namely malware and online advertising, and
creating prevention systems and processes for identifying the entire chain of benefactors of click-fraud malware," Livic
wrote. "In this way, we're stopping the flow of illicit money at the adCenter level."
Microsoft cited statistics from NSS Labs, a company that evaluates and tests security systems, that
some 60 to 70 percent of malicious software has been engineered to do some form of click fraud.
"To date, we have identified three malicious software families monetizing in this manner and have recouped those
ill-gotten gains from the benefactors," Livic wrote.
Click fraud hurts advertisers since they end up paying for clicks that do not result in customers or even potential
customers. Fraud is also a touchy area for advertising networks, who stand to benefit financially from more clicks but
could lose business if fraud rises.
Microsoft cited some surprisingly high statistics to support its contention that click fraud is "rampant" in the
online advertising business, which was worth US$32 billion in 2011. The company drew data from a
research paper presented in August at the ACM Special Interest Group on Data Communication conference in Helsinki.
The paper, written by two researchers who work for Microsoft Research and one from the University of Texas at Austin,
sought to estimate click fraud by measuring the number of users who clicked on an ad to those who eventually ended up
on the advertiser's website. They studied ten ad networks, including those run by companies including Google, Microsoft
and Facebook. None of those companies released specifics about click fraud on their networks for use by the researchers.
There are many unknowns that make measuring click fraud hard, the researchers wrote. Ad networks do not know the
false negative rate of their detection systems, or when they fail to detect a fraudulent click, which results in an
underestimation of click fraud. Third-party analytics companies do not allow their systems to be scrutinized, which
causes ad networks to claim they overestimate click fraud, according to the paper.
The researchers said they found "incontrovertible evidence of dubious behavior for around half of the search ad clicks
and a third of the mobile ad clicks." Overall, around 22 percent of clicks on ads were fraudulent, Livic wrote.
Facebook have periodically faced accusations that click fraud is more prevalent on their networks than the companies
admit. Google says that less than
10 percent of clicks on AdWords, its search-engine based advertising product.
FAIR USE NOTICE This site contains
copyrighted material the use of which has not always been specifically
authorized by the copyright owner. We are making such material available
in our efforts to advance understanding of environmental, political,
human rights, economic, democracy, scientific, and social justice
issues, etc. We believe this constitutes a 'fair use' of any such
copyrighted material as provided for in section 107 of the US Copyright
Law. In accordance with Title 17 U.S.C. Section 107, the material on
this site is distributed without profit exclusively for research and educational purposes. If you wish to use
copyrighted material from this site for purposes of your own that go
beyond 'fair use', you must obtain permission from the copyright owner.
Copyright © 1996-2016 by Dr. Nikolai Bezroukov. www.softpanorama.org
was created as a service to the UN Sustainable Development Networking Programme (SDNP)
in the author's free time. This document is an industrial compilation designed and created exclusively
for educational use and is distributed under the Softpanorama Content License.
Original materials copyright belong
to respective owners. Quotes are made for educational purposes only
in compliance with the fair use doctrine.
This is a Spartan WHYFF (We Help You For Free)
site written by people for whom English is not a native language. Grammar and spelling errors should
be expected. The site contains some broken links as it develops like a living tree...
The statements, views and opinions presented on this web page are those of the author (or
referenced source) and are
not endorsed by, nor do they necessarily reflect, the opinions of the author's present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness
of the information provided or its fitness for any purpose.
October 20, 2015