Claims security researcher

May 3, 2010 07:46 GMT

One security researcher turned operating-system developer is claiming that Windows 7 and Mac OS X are insecure by design, while proposing her own platform as a model for the bulletproof desktop OS. While swapping rootkit research for the Qubes project, Joanna Rutkowska, founder and CEO of Invisible Things Lab, announced some changes to the company she founded, namely the shift in focus away from security research and onto designing systems that are immune to rootkits by design. Taking a swing at both Windows 7 and Mac OS X, Rutkowska indicates that it makes no sense to continue hacking the two operating systems.

“Don't expect to see any research on how to e.g. compromise Windows 7 or Mac kernel or break out of their primitive sandboxes -- these systems are so badly designed from a security standpoint, that coming up with yet another attack against them makes little sense from a scientific point of view,” she notes. At the same time, Rutkowska doesn’t rule out security research altogether, but notes that Invisible Things Lab will build attacks “against VT-d, or some CPU exploit, or a Xen exploit.”

In the first half of April 2010, Rutkowska announced the first Alpha development milestone of Qubes OS, a new open source operating system that Invisible Things Lab has developed over the past half a year, implementing the Security by Isolation approach. “Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps,” the official description of the product reads.

Early adopters who followed the development process of Windows 7’s predecessor might already remember Rutkowska and her 64-bit Windows Vista kernel hack, presented before the operating system was released to manufacturing. The former security researcher with Coseinc also released what she claimed to be 100% undetectable malware, the BluePill rootkit, a virtualization (hypervisor)-based piece of malicious code capable of infecting x64 Vista. Windows 7 got a lot less attention from Rutkowska, although the 64-bit flavor of the operating system can be owned, as white-hat hackers proved at the Pwn2Own hacking contest this year.

Statistics released by Microsoft earlier this year indicate that customers are better off running Windows 7 RTM or Vista SP2, especially the 64-bit flavors, as they are superior in terms of security to Windows XP. Volume eight of the Microsoft Security Intelligence Report (SIRv8) reveals that the infection rates for Windows 7 and Vista SP2 are considerably lower than those for Windows XP SP3. Furthermore, in SIRv8, the Redmond company also points out that its Security Development Lifecycle model for building Windows 7 and Windows Vista has paid off, with the two platforms attracting fewer attacks, as compared with XP SP3, for Microsoft vulnerabilities. In mid-April 2010, Marc Maiffret, an iconic hacker and now chief security architect at FireEye, pointed out that Microsoft’s software products were more secure than Apple’s, especially because of the SDL.
