Gadgets: New Tech & Old Threats
BY.MICKY VERMA
1 Abstract...
Applications have become increasingly feature rich, highly extensible and capable of being fi nely tuned by end
users to suit their needs and taste requirements. Often these customisations add little more functionality than a
talking clock, customisable dancing paper clip or Klingon spell check facilities. These application ‘enhancements’
have adapted over the years to the point where the “Application Layer” [1] within the OSI model may in fact
contain dozens of processes running in a single Application instance.
Customisations and themes have expanded from simple fl at text and image fi les into feature rich applications
by themselves, capable of performing tasks simultaneously within application running them. The introduction of
Vista has continued this trend and has brought several new technologies to the commonly deployed Microsoft
Desktop operating system and associated portable hardware. The introduction of “Windows Live Gallery” [2] is
testimony to a new direction in computing that introduces component abstraction within a single application.
Examples of such feature-rich functionality can be seen in a description of the Windows Live Gallery service [3].
Many IT Managers and administrators are in the process of deploying Windows Vista or have already done so.
This paper examines some of the new Vista Gadgets technologies and identifi es some potentially serious security
risks which might be introduced via use of gadgets. The paper suggests some defence strategies and provides IT
Managers with a business case for locking down or disabling this feature. Proof of concept attack code is also
available for those interested in further research and to demonstrate any identifi ed issues.
This white paper analyses two of the ‘Gadget’ technologies found within Microsoft Vista and Microsoft Live. We
intend to:
■ review each for potential security weaknesses that may exist within the security models outlined for the
technology,
■ produce conceptual attack code for any identifi ed issues to assess risks, introduce potential real world
scenarios where such attack code may already exist and
■ summarise defence strategies and device lock down procedures that can be enforced to help mitigate
against the risks outlined herein.
The paper’s objective is to provide System Administrators with a business case to demonstrate why the
technologies outlined are potentially dangerous to system infrastructures and to offer advice and procedures on
what security hardening can be performed to prevent exploitation of any issues identifi ed.
2 Scope...
This paper sets out to review the security models in place of several Microsoft technologies utilised on desktops
and web pages. The scope has been to identify any security models and restrictions imposed on applications
running within these technologies, attempt to identify any areas within the security model which may allow
for subversion by a malicious developer, development of attack code and risk assess situations where threats
maybe perceived in the wild. The technologies highlighted for review are;
■ Sidebar Gadgets
■ Web Gadgets
We have adopted the principle that where attack code is to be developed the result should be working attack
code that could be utilized in a real world attack scenario. The defi nition of real world is that attack code should
be functional and be able to reliably compromise the target platform to give some level of access to the attack
code owner. However, where attack code is to be deployed into the wild or hosted on publicly accessible web
services such code will be disabled or neutralized so as to reduce the threat impact to highlight only conceptual
risk.
Additional Gadget technologies such as Microsoft Windows Sideshow – designed to be hosted on Mobile
devices and OpenSocial - a Cross-Platform Web 2.0 social networking API are not reviewed in this paper due to time
restrictions but may be a topic for future research.
1 Abstract...
Applications have become increasingly feature rich, highly extensible and capable of being fi nely tuned by end
users to suit their needs and taste requirements. Often these customisations add little more functionality than a
talking clock, customisable dancing paper clip or Klingon spell check facilities. These application ‘enhancements’
have adapted over the years to the point where the “Application Layer” [1] within the OSI model may in fact
contain dozens of processes running in a single Application instance.
Customisations and themes have expanded from simple fl at text and image fi les into feature rich applications
by themselves, capable of performing tasks simultaneously within application running them. The introduction of
Vista has continued this trend and has brought several new technologies to the commonly deployed Microsoft
Desktop operating system and associated portable hardware. The introduction of “Windows Live Gallery” [2] is
testimony to a new direction in computing that introduces component abstraction within a single application.
Examples of such feature-rich functionality can be seen in a description of the Windows Live Gallery service [3].
Many IT Managers and administrators are in the process of deploying Windows Vista or have already done so.
This paper examines some of the new Vista Gadgets technologies and identifi es some potentially serious security
risks which might be introduced via use of gadgets. The paper suggests some defence strategies and provides IT
Managers with a business case for locking down or disabling this feature. Proof of concept attack code is also
available for those interested in further research and to demonstrate any identifi ed issues.
This white paper analyses two of the ‘Gadget’ technologies found within Microsoft Vista and Microsoft Live. We
intend to:
■ review each for potential security weaknesses that may exist within the security models outlined for the
technology,
■ produce conceptual attack code for any identifi ed issues to assess risks, introduce potential real world
scenarios where such attack code may already exist and
■ summarise defence strategies and device lock down procedures that can be enforced to help mitigate
against the risks outlined herein.
The paper’s objective is to provide System Administrators with a business case to demonstrate why the
technologies outlined are potentially dangerous to system infrastructures and to offer advice and procedures on
what security hardening can be performed to prevent exploitation of any issues identifi ed.
2 Scope...
This paper sets out to review the security models in place of several Microsoft technologies utilised on desktops
and web pages. The scope has been to identify any security models and restrictions imposed on applications
running within these technologies, attempt to identify any areas within the security model which may allow
for subversion by a malicious developer, development of attack code and risk assess situations where threats
maybe perceived in the wild. The technologies highlighted for review are;
■ Sidebar Gadgets
■ Web Gadgets
We have adopted the principle that where attack code is to be developed the result should be working attack
code that could be utilized in a real world attack scenario. The defi nition of real world is that attack code should
be functional and be able to reliably compromise the target platform to give some level of access to the attack
code owner. However, where attack code is to be deployed into the wild or hosted on publicly accessible web
services such code will be disabled or neutralized so as to reduce the threat impact to highlight only conceptual
risk.
Additional Gadget technologies such as Microsoft Windows Sideshow – designed to be hosted on Mobile
devices and OpenSocial - a Cross-Platform Web 2.0 social networking API are not reviewed in this paper due to time
restrictions but may be a topic for future research.
No comments:
Post a Comment