 |
 |
 |
What the UAC hole is really about
Sunday, February 18th, 2007
Fellow blogger Ryan Naraine had a blog "Hacker, Microsoft duke it out over Vista design flaw" where he reported on a 
disagreement between elite researcher Joanna Rutkowska (Singapore-based Coseinc) and elite programmer Mark Russinovich (formerly Sysinternals and acquired by Microsoft). I’ve spoken with both of these people and I have a lot of respect for both of them. Rutkowska did some ground breaking research on Hypervisor-based Rootkits that hijack an operating system by sticking them in a hardware-based virtual "Matrix" prison. Russinovich is one of the elite programmers with Sysinternals which cranked out a lot of really powerful and well coded utilities for managing and maintaining Windows.
I had a hard time believing some of the characterizations of Rutkowska’s positions and that prompted me to contact Rutkowska first hand. It turned out she had already notified Ryan Naraine to correct her positions and you’ll see her clarifications on the end of Naraine’s blog. What Rutkowska was upset over was the Russinovich’s position that UAC implementation issues were not to be considered security bugs. » What the UAC ‘hole’ is really about | George Ou | ZDNet.com
Popular Posts
Please read our Disclaimer
