Coming to Your Network Soon! Windows 7 John Brumley Lowell Furman Brent Moberly Sheryl Swinson
Presentation Agenda • The User Interface – Sheryl Swinson • Performance Enhancements – John Brumley • Security – Dr. Brent Moberly • Networking – Lowell Furman • Questions at the presentation's end, except for Networking; Interruptions are encouraged in Networking.
Coming to Your Network Soon! Windows 7 The User Interface Sheryl Swinson – Indiana University
Task Bar • Hmmm… This looks pretty familiar…
Task Bar • Relocate • Hover • Jumplists
System Tray • The “mystery meat” is gone • The foggy little appendix (we’ll come back to it later)
Desktop and Window Management • Peeking • Gadgets • Gestures
Coming to Your Network Soon! Windows 7 Performance Enhancements John Brumley – Indiana University
Performance Enhancements • Power-Management • Processing Enhancements • Graphic Enhancements • Solid-State Drive Optimization • Media distribution / HomeGroup • New Gadgets, Programs and Abilities
Power-Management • Reduced power consumption • Idle resource utilization by Timer-Coalescing API
Power-Management Continued • Device power management • Adaptive display brightness • Low-power audio • Bluetooth & network power improvements
Processing Enhancements • Processor Power-Management (PPM) driver support • Hyper-threading utilization • HT works with multi-core CPUs • Timer-Coalescing API
Graphic Enhancements - New algorithms for 3D graphics and for Desktop performance - GDI concurrency - Reduced memory footprint - Optimized for multi-core CPUs
Solid-State Drive Optimization • Reduce frequency of writes and flushes • Disk defragmentation disabled for SSD • Supports Trim • Disables Superfetch, ReadyBoost, as well as boot and application prefetching • BitLocker encryption is optimized for SSD
Media Distribution / HomeGroup - Supports Network Media Devices (NMDs) following Digital Living Network Alliance (DLNA) standard. - Based on the “family-home” concept - “Play To” ability
Media Distribution / HomeGroup - Internet access to home media using @Live account - New NAT traversal technology - Media format conversion for unsupported codecs - Printers install across all HomeGroup PCs.
New Gadgets, Programs & Abilities • Improved calculator • Problem Steps Recorder • Built-in ISO burner utility • Math Input Panel • Sticky Notes • PowerShell 2.0
Coming to Your Network Soon! Windows 7 Security Dr. Brent Moberly – Indiana University
Security Outline • Compatibility • Security – background • Mac vs. PC – there is only one slide for this, so no debate • User Access Control • Mandatory Integrity Control (MIC) • AppLocker • Future Reading List
Compatibility Tab • The Windows 7 compatibility tab fools programs into thinking they are running under earlier versions of Windows.
Windows XP Mode • Windows XP mode is a virtual machine running a fully-licensed version of Windows XP. • Demo
Windows XP Mode - Download • Windows XP Mode is not included by default. • Users will have to download it from Microsoft. • http://www.microsoft.com/windows/virtual-pc/download.aspx
First Year of Vulnerabilities: XP vs. Vista. From “Windows Vista Security One Year Later,” Windows Security Blog (http://blogs.msdn.com/windowsvistasecurity/archive/2008/01/23/windows-vista-security-one-year-later.aspx)
Infected Machines: June – December 2007 “In fact, from June – December 2007, using proportionate numbers, the MSRT found and cleaned malware from 60.5% fewer Windows Vista-based computers than from computers running Windows XP with Service Pack 2 installed. How about Windows 2000? Using proportionate numbers, MSRT found and cleaned malware from 44% fewer Windows Vista-based computers than Windows 2000 SP4 computers and 77% fewer than from computers running Windows 2000 SP3.” From “Windows Vista and Malware,” Windows Security Blog (http://blogs.msdn.com/windowsvistasecurity/archive/2008/05/09/windows-vista-windows-2000-and-malware.aspx)
Infection Rates - all Windows Versions: July-Dec. 2008. From “The Latest Microsoft Security Intelligence Report,” Microsoft Malware Protection Center (http://www.microsoft.com/security/portal/sir.aspx)
Buts we Roxors teh OS X…. “It's quite easy to write an exploit for Firefox on OS X compared to Firefox on Vista….” “… It's getting pretty hard to do a lot of this stuff on Windows Vista and Windows 7,” Nils said. “Especially when a lot of people who stayed with [Windows XP] switch to Windows 7 because they didn't want Vista, the bad guys may start to figure out they can more easily exploit these bugs more reliably on a Mac.” From “Mac OS X Top Target in Browser Beatdown,” Security Fix Blog (http://voices.washingtonpost.com/securityfix/2009/03/mac_os_x_top_target_in_browser.html)
Least User Access (LUA) • Underlying principle behind Win 7 (and Vista) security is that of least privilege or Least User Access (LUA). • Namely, users should run under the minimum set of privileges required to perform a given task and elevate only if they require additional privileges.
Windows 7 User Modes • Standard User • Administrator • Administrator-Approval
User Access Control (UAC) • Windows Vista: UAC Control Panel (1 option) • Windows 7: UAC Control Panel (4 options)
User Access Control (UAC) • Standard Users cannot auto-elevate
User Access Control Prompts • Windows 7: Unsigned Application • Windows Vista: Unsigned Application
User Access Control Prompts • Windows 7: Signed Application • Windows Vista: Signed Application
Setting and Auditing UAC Programmatically • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Setting UAC via Security Policies • Security Settings > Local Policies > Security Options
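The following is an added example (not part of the original slide deck) that reads the UAC policy values under the registry key named above and rates them against the least-privilege caveats in this section. The value names (EnableLUA, ConsentPromptBehaviorAdmin, PromptOnSecureDesktop, ValidateAdminCodeSignatures) come from Microsoft's UAC policy documentation, not from the slides; off Windows it falls back to a constructed sample.

```python
"""Audit UAC policy values under HKLM\\...\\Policies\\System (added example)."""
import sys

UAC_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"

# Meaning of ConsentPromptBehaviorAdmin per Microsoft's UAC documentation
# (value names are documented by Microsoft; they are not listed on the slides).
ADMIN_PROMPT = {
    0: "elevate without prompting (auto-elevate)",
    1: "prompt for credentials on the secure desktop",
    2: "prompt for consent on the secure desktop",
    3: "prompt for credentials",
    4: "prompt for consent",
    5: "prompt for consent for non-Windows binaries (Windows 7 default)",
}

def read_uac_values():
    """Read the live values on Windows; return {} elsewhere so samples can be audited."""
    if sys.platform != "win32":
        return {}
    import winreg
    names = ("EnableLUA", "ConsentPromptBehaviorAdmin",
             "PromptOnSecureDesktop", "ValidateAdminCodeSignatures")
    out = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, UAC_KEY) as key:
        for name in names:
            try:
                out[name] = winreg.QueryValueEx(key, name)[0]
            except FileNotFoundError:
                pass  # value not set: Windows uses its default
    return out

def audit_uac(values):
    """Return (risk_score, findings) for a dict of UAC values; higher score is worse."""
    if values.get("EnableLUA", 1) == 0:
        return 10, ["EnableLUA=0: UAC is off, an admin logon gets the full token immediately"]
    score, findings = 0, []
    mode = values.get("ConsentPromptBehaviorAdmin", 5)
    findings.append("admin-approval mode: " + ADMIN_PROMPT.get(mode, f"unknown value {mode}"))
    if mode == 0:  # slide caveat: always-prompt is more secure than auto-elevate
        score += 5
        findings.append("auto-elevate: any program the admin runs can take the full token silently")
    if values.get("PromptOnSecureDesktop", 1) == 0:
        score += 2
        findings.append("prompt on the normal desktop: other user-mode software can interact with it")
    if values.get("ValidateAdminCodeSignatures", 0) == 0:
        score += 1
        findings.append("unsigned applications may still request elevation (see the prompt slides)")
    return score, findings

if __name__ == "__main__":
    # Constructed sample for non-Windows hosts: UAC on, but set to auto-elevate.
    sample = read_uac_values() or {"EnableLUA": 1, "ConsentPromptBehaviorAdmin": 0}
    for line in audit_uac(sample)[1]:
        print(line)
```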
UAC Under the Hood Q: How does Windows know when to elevate? A: Three main factors: 1) Mandatory Integrity Control (MIC) 2) DACLs (to some extent) 3) Manifests
Manifests • Manifests allow applications to request specific privileges. • Ideally, manifests are embedded into an application’s resource tree. • But they can also be added as stand-alone files in an application’s directory.
Sample Manifest File
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>
</asmv1:assembly>
RequestedExecutionLevel • asInvoker – runs with the same access token as the parent process. • highestAvailable – runs with the highest privileges the current user can obtain. • requireAdministrator - runs only for administrators; requires application to be launched with the full access token of an administrator.
UIAccess • False – the program does not need to drive input to other applications on the desktop • True – the program drives input to other applications on the desktop.* * This setting requires that the application be signed with an Authenticode certificate and reside in a protected location in the file system.
Select Windows Utilities • Utilities like taskmgr.exe include “<autoElevate>true</autoElevate>” in their manifests
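As an added example (not code from the deck), the audit below parses a manifest like the sample slide and reports the requestedExecutionLevel, uiAccess and autoElevate settings described in the preceding slides, with a review note for each risky value; the sample manifest embedded in it is constructed to match the slide and is not from any real program.

```python
"""Audit a Windows application manifest for UAC-relevant settings (added example)."""
import xml.etree.ElementTree as ET

# Constructed sample modelled on the "Sample Manifest File" slide.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1"
    xmlns:asmv1="urn:schemas-microsoft-com:asm.v1">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</asmv1:assembly>"""

def _local(tag):
    """Strip the XML namespace so lookups work whichever asm.vN namespace is used."""
    return tag.rsplit("}", 1)[-1]

def _find(root, name):
    return next((el for el in root.iter() if _local(el.tag) == name), None)

def audit_manifest(xml_text):
    """Return the privilege settings and review findings for one manifest."""
    root = ET.fromstring(xml_text)
    rel = _find(root, "requestedExecutionLevel")
    auto = _find(root, "autoElevate")
    result = {
        "level": rel.get("level") if rel is not None else None,
        "ui_access": rel is not None and rel.get("uiAccess", "false").lower() == "true",
        "auto_elevate": auto is not None and (auto.text or "").strip().lower() == "true",
        "findings": [],
    }
    notes = result["findings"]
    if result["level"] is None:
        notes.append("unmarked: no requestedExecutionLevel, so Windows treats it as a legacy app and virtualizes it")
    elif result["level"] == "requireAdministrator":
        notes.append("requireAdministrator: always needs a full admin token; confirm the program really needs it")
    elif result["level"] == "highestAvailable":
        notes.append("highestAvailable: elevates whenever the user is an admin; prefer asInvoker where possible")
    if result["ui_access"]:
        notes.append("uiAccess=true: must be Authenticode-signed and installed in a protected location")
    if result["auto_elevate"]:
        notes.append("autoElevate=true: reserved for Windows utilities such as taskmgr.exe; review closely")
    return result

if __name__ == "__main__":
    for note in audit_manifest(SAMPLE_MANIFEST)["findings"]:
        print(note)
```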
Legacy Applications • Applications without manifests are considered “unmarked” and are virtualized. • Virtualized means that they run against a temporary version of the Windows registry, file system, etc. • Demo: Old Yeller
UAC Caveats • Standard user mode is more secure than admin-approval mode. • In admin-approval mode, always-prompt mode is more secure than auto-elevate. • Not running a program is more secure than running a program, even if you don’t elevate the program. • Once you elevate a program, that program can do almost anything it wants.
Mandatory Integrity Control (MIC) • Restricts less trustworthy processes and applications running in the same user context • Works in addition to (and is checked before) Discretionary Access Control Lists (DACLs)
MIC Levels • Low • Medium (default) • High • System
MIC Rules • No write-up: objects with lower security levels cannot modify those with higher security levels • Medium = default: if an object does not have an explicit integrity level, its level is medium
MIC Demos • Using Sysinternals Process Explorer to view MIC levels • Using icacls.exe to modify MIC levels • Internet Explorer 8
AppLocker • “White list” of programs allowed to run • New to Windows 7 • Targets enterprise deployment (uses GPO). • Demo: Gremlins