Microsoft is doing all sorts of things for security. They added ways to remove privileges from apps, rolled out SDL reducing vulnerabilities tremendously, implemented Windows Integrity Controls with IE at lowest level, added EMET, added whitelisting, pushed managed code, started designing sandboxing schemes like Xax architecture, added a hypervisor (Hyper-V), did mathematical verification on it, and so on. I can easily say Microsoft is putting more work into security in their various layers than Linux/BSD, even OpenBSD in some ways.
Thing is, there's been third party solutions to handle virtualization-based security for Windows for anyone willing to buy them. People mostly don't. So, Microsoft rightly doesn't give a shit. It's why I tell people to use third-party enhancements if they rely on Windows or switch to Linux/BSD due to greater options for security not to mention what CompSci is cranking out for them.
> Microsoft is doing all sorts of things for security.
Indeed they are. Compared to Windows XP (pre-SP2), Windows has come an incredibly long way.
I just cannot help thinking that if they used virtualization the way Qubes OS does, they could both incrase isolation of applications and maintain backwards compatibility without having to jump through the countless hoops I imagine Windows developers must meet on a regular basis.
Hyper-V could be a very nice foundation for such an approach, at least in my fertile imagination. ;-)
Oh, I agree with that. It could be a benefit on top of what they have. A Dom0/hypervisor solution from them could actually be safer given they have tools for mathematically verifying both driver interactions and low-level system code. SLAM has been applied to drivers for years now. HyperV was verified with their VCC toolkit. So, they'd be a stronger than average foundation.
The best route for isolation, though, is to apply one of the industry separation kernels or virtualization schemes from CompSci that leave more untrusted. Good news is that I found a great document that describes MILS in detail plus some prior work and terms:
Thing is, there's been third party solutions to handle virtualization-based security for Windows for anyone willing to buy them. People mostly don't. So, Microsoft rightly doesn't give a shit. It's why I tell people to use third-party enhancements if they rely on Windows or switch to Linux/BSD due to greater options for security not to mention what CompSci is cranking out for them.