MICROSOFT LONGHORN OPERATING SYSTEM LOCKED DOWN TO PROTECT HARDWARE DATA ACCESS Longhorn locked down to fight hackers - vnunet.comLonghorn locked down to fight hackers
Intruders wished "good luck" as new OS prevents unauthorised access

Iain Thomson at TechEd in Amsterdam, vnunet.com 06 Jul 2005
ADVERTISEMENT
Microsoft's forthcoming Longhorn operating system places great emphasis on locking down PCs to prevent unauthorised access to hardware and software, the software giant revealed today.

According to Detlef Echert, Microsoft's chief security advisor in Europe, there are several key elements designed to boost security in its next OS.

Hardware locking via a dedicated chip is combined with "hardening" of the OS to restrict how memory can be accessed.

Security will also be boosted using a technique dubbed User Account Protection, which aims to ensure that computers can be locked so that local users are not given full administrator access by default.

The first stage of enhancing security in Longhorn centres on the use of Microsoft's Trusted Platform Module 1.2, a chip already being manufactured by Intel and AMD.

This will act as a vault for a user passwords and identity information. If a computer is stolen a thief would not only have to unlock the computer, but break into the chip to access any personal information.

"If [a thief] wants to try this I say good luck," Echert told vnunet.com. "It is not impossible but it requires highly specialised tools, a lot of time and a certain amount of luck. It will certainly protect data in 99 per cent of attacks."

An additional layer of defence comes from what Echert calls "system hardening ". This ensures that only certain parts of the computer's memory can be written to, thus stopping memory resident malware from causing disruption.

Finally, User Account Protection will help protect against local PC infection by locking user rights, so that a hacker cannot gain full control if a computer is infected.

Echert explained that not everyone needs administrator-level access to their PC but that developers often set this as default because it is easier.

Administrator access can be granted with Longhorn, but local access only will be the default