Vista Opinions

[ChronoReverse]

I would like to go on record by stating that right now RC2 is running on a 1.8 ghz 64 bit sempron with 256 mb of ram quite nicely thank you very much. I have not disabled anything. Just installed it and my friends are putting it through its paces by watching videos on WMP 11 and surfing the net, etc etc. It runs just fine! That is quite amazing. And I kind of like the UI. It is a lot sleeker. And this is Vista Ultimate running on the machine so I am quite impressed.

Um, so did you install RC2 then remove a stick of RAM? Because the installer won't let you install unless you have 512MB of RAM.

And from experience, there's no way it could run well with just 256MB of RAM.



As for the injection attack, it's a rather silly thing to expect that level of security when it really requires user intervention to install (not to mention it's been plugged now). There's also some attacks that involve utilizing the design of VT or Pacifica but when you think about it, if you're going to run Windows inside a VM, there's no way Windows can detect that and deal with it.

 

[DemoCoder]

As for the injection attack, it's a rather silly thing to expect that level of security when it really requires user intervention to install (not to mention it's been plugged now). There's also some attacks that involve utilizing the design of VT or Pacifica but when you think about it, if you're going to run Windows inside a VM, there's no way Windows can detect that and deal with it.

For the injection attack, without VM, I disagree. Security dialogs are bound to trigger user fatigue over time, and trojans and display hacks may even trick the user into granting Admin privileges. Microsoft's design requirement for Vista was that even admin privileged code would not be able to subvert kernel driver signing and inject code into the kernel, this is a requirement for their DRM to work. But once you can inject into the kernel, all security for the user's data is lost, not just DRM violations against content publishers.

It's an attack that is emminently practical, vs compelling the user to run another copy of Vista inside a VM.

As for VM, well, it's a factor of MS needing to sell ugprades to legacy users. If they were smart, they'd just sell Vista with new PCs and require TPM to run. However, not that non-TPM versions itself, it's pointless, since hackers would construct TPM-cracks by using non-TPM beta releases, just like OS X was cracked by using old Developer seed kernels, and stuff from Darwin projects. For example, OS X 10.4.8 was cracked by replacing the kernel with the one from 10.4.4.