What's Inside This Book

Here's a quick look at the things that you'll learn in this book.

As I've said, we'll see some real paradigm-busters in this book, but I wanted to start you off gently with Chapter 1. In that chapter, I tell you how to solve a few annoying problems (like restoring the Administrator account, which is disabled by default) and then I explain a dozen or so subtle changes to security defaults. These are things that you might well not notice until you trip over one of them. (For example, did you know that in Vista, Power Users go away?) But not all of the surprises are bad ones, as I'll walk you through an unexpected bright star in the Vista constellation: the Event Viewer. Covering that will also let me do some drill-down on Windows Remote Management, a new piece of Windows infrastructure that we're all going to have to get facile with.

In Chapter 2, we dive right into Vista security with the first of those eight biggies that I've mentioned. And, unlike most of the new Vista security technologies that we'll cover, this is one that you probably have heard of or come across: User Account Control or UAC, also known as "the Vista feature that everyone loves to hate." It's Microsoft's significant shift in Windows functionality intended to help the Windows community, who are all used to running as full-power administrators, make the painful shift to running as a user. UAC is definitely a good thing in the long run, but it can be frustrating for the veteran administrator if not understood. That veteran admin could choose to simply tweak a couple of group policies to shut UAC off (and this chapter shows how), but that admin just might choose differently if she understood exactly what UAC does. This chapter goes beyond the UI and explains the new concept of "split tokens" and what they mean for both admins and users, and how not disabling UAC may be the best thing you can do to fight rootkits, worms, Trojans, and viruses.

In Chapter 3, I explain the second of the Big Eight, file system and Registry virtualization. It's a technology built into Vista that, like UAC, helps make the transition from today's world, where 99 percent of us spend our days logged in as an administrator, to a safer world of tomorrow, where we spend most of our time logged on as standard users. We need that because a lot of malware can't possibly infect our systems if we're logged on as standard users rather than administrators. But one of the biggest obstacles that well-informed techies see to moving to a world where most of us run as a user is the objection that "hey, I'd love to run as a user, but my stupid apps won't run unless I'm an admin because they try to write to places on the disk and in the Registry where user types can't go. What am I gonna do, find the developer and hit him in the head until he rewrites his code?" It's a very valid objection, or was, anyway, until Vista. Vista does a bit of sleight of hand that lets folks with normal user levels of privilege run what once were just badly written applications, automatically. Called "virtualization," it's got nothing to do with VMWare or Virtual Server, and everything to do with making things easier to run in lower power. With virtualization, you really can run apps that write to HKEY_LOCAL_MACHINE or System32, even if you're not an admin, just like magic. But as with all magic, there are some gotchas. This chapter explains how virtualization works, where it doesn't work, and how to know when it can and can't help you.

Chapter 4 introduces the technology that caused my cranial pop: the Windows integrity control, formerly known as Mandatory Integrity Control or MIC. In an effort to stem the tide of malware, Microsoft has, believe it or not, gone beyond the "discretionary permissions" model for NTFS and Registry permissions that we've known since its inception in 1993 and added a model that to this point has not appeared in any operating system on the planet, except for some special-purpose OSes designed for military and national security applications. This new layer of security is called the "Windows integrity control" and, well, it's no exaggeration to say that if you're a long-time Windows admin, you've never seen anything like this. In this chapter, I explain the theory behind the Windows integrity control, and then dive into your system's insides to show you what Windows integrity is doing, and how you can get in on the act and insert a bit more "integrity" of your own into Vista. There is one downside to this chapter, however: we must sadly warn our readers that this chapter cannot be read by persons without the proper security clearances.

Note 

Okay, just joking on the last item. But as I was writing this on the eve of Vista's release in late October 2006, its name was still in flux, so for all I know it'll have another name.

In Chapter 5, Byron joins us to explain the fourth in my list of big new security technologies, the one piece of "Palladium," Microsoft's vision of security way back in 2002, that has actually seen the light of day: BitLocker Full Volume Encryption. Every year, American companies lose 600,000 laptops that are sometimes stolen but often just left in cabs and airports. But no matter how they're lost, they sometimes contain data that can make or break organizations. For example, you may recall the recent story about a Veterans Administration employee who brought home a laptop whose hard disk contained the records of all veterans, including all of the information needed for a bad guy to commit identity theft against them, and the laptop was stolen from his home. Yikes! The answer? (Besides shooting the dummy who did that, that is.) Encrypt the entire hard disk, and hide the key where it can't be found. That's in Vista in a new tool called BitLocker.

When Microsoft first talked about BitLocker, it seemed like an interesting but impractical technology because it required that any system using BitLocker have a cryptographic chip called a Trusted Platform Module (TPM) chip on its motherboard. The Vista implementation of BitLocker, however, lets you encrypt any system so long as it's got either a TPM chip or a USB slot. If you've got a laptop, or if you're in charge of a fleet of laptops, then this may be the single most gotta-have-it feature of Vista!

In Chapter 6, Jennifer Allen joins us to explain three more of my list of significant Vista security technologies: code integrity, new driver signing rules, and PatchGuard. By this point in the book, you will have seen that Vista may be the first version of Windows with "Paranoia Inside," to borrow from Intel's well-known logo. In a change from all previous versions of Windows, Vista randomly reassigns the locations of basic Windows services, making the job of worm writers all the more difficult. One more set of anti-malware provisions includes code integrity, a boot-time check of digital signatures on files, and a new set of rules for 64-bit Windows only. Under these rules, all drivers must be signed. This chapter explains both of those protections in detail. But that's not all for 64-bit systems: the 64-bit kernel contains a feature called PatchGuard that attempts to intelligently detect and stop malware.

In Chapter 7, I discuss that old security bugbear, Windows services. Although much maligned in security literature, services are helpful processes that do a lot of the work of keeping Windows running. But because they run all of the time, services with bugs quickly become some of the lowest of low-hanging fruit for attackers. Over the years, Microsoft has sought to make services harder to attack with simple adjustments, and those changes have been valuable, but Vista takes things a step further and rewrites the rules of how services are built. In this chapter, I explain how Vista services have changed, and how that affects administering Windows systems.

At that point, we'll be done with our quick look at Vista security's big surprises. I suspect that by then, you'll agree that at least security-wise, Vista is as different from previous versions of Windows as a Rolls-Royce is from a roller skate.

Administering Windows Vista Security: The Big Surprises
ISBN: 0470108320
Year: 2004
Pages: 101