Microsoft's security initiatives

Guest

For all the hoopla Microsoft puts out about delivering more secure software,
I don't think they deserve any credit.

I recently bought a Windows Mobile 2005 device. I use it to connect to the
Internet and check my email, check stock quotes, etc. And I was attacked
every time I connected. So, I've now disabled the Internet connection feature
that comes with the device and only use Wi-Fi to connect. This way, I don't
have an always-on connection to the Internet. I can turn off Wi-Fi access
when I don't need it.

Now, everyone knows that any device connected to the Internet should have
at least a firewall on it. Why didn't Microsoft bundle a firewall with Windows
Mobile 2005? Windows XP was released in 2001 and it had a firewall. So,
Microsoft only makes secure products if the product is very popular and is
under intense scrutiny by the press and the public at large.

For that matter, I recently read that MP3s introduce vulnerabilities into
Windows Media Player and other MP3 rendering software. I listen to MP3s on
Windows Media Player while I work. I think this is why my Windows Vista
Ultimate desktop, which has Norton Internet Security 2007 installed on it,
behaves strangely like IE using over 90+MB of memory, etc. I have to reboot
all the time because after a while of use, I experience problems like not
being able to open dialog boxes, context menus not working, etc.

Get it together, Microsoft.
 
Paul Smith

I recently bought a Windows Mobile 2005 device. I use it to connect to the
Internet and check my email, check stock quotes, etc. And I was attacked
every time I connected. So, I've now disabled the Internet connection feature
that comes with the device and only use Wi-Fi to connect. This way, I don't
have an always-on connection to the Internet. I can turn off Wi-Fi access
when I don't need it.

What do you mean you were "attacked"?

--
Paul Smith,
Yeovil, UK.
Microsoft MVP Windows Shell/User.
http://www.dasmirnov.net/blog/
http://www.windowsresource.net/

*Remove nospam. to reply by e-mail*
 
Guest

Well, I would call any intrusion into my Windows Mobile device an attack.
Wouldn't you?
 
Alun Jones

I think Paul's point was to ask you to be specific about one or more such
"attacks".

So far, all you've said is that something vague has happened, and you blame
Microsoft. You're apparently looking for support in your aspersions, which
is something that most people will only give if they have information to
start from.

Alun.
~~~~
 
Guest

OK. While I was connected to the Internet with the always-on connection at
first (rather than Wi-Fi), the intrusions would start up applications on my
device, start-up Wi-Fi access, which caused the battery level to drop, etc.

Are those intrusions adequate to warrant your support?

And even if the attacks did not occur, which they did, I would still blame
Microsoft for not bundling a firewall with Windows Mobile 2005.
 
Paul Smith

JJ said:
OK. While I was connected to the Internet with the always-on connection at
first (rather than Wi-Fi), the intrusions would start up applications on my
device, start-up Wi-Fi access, which caused the battery level to drop, etc.

Are those intrusions adequate to warrant your support?

I'd recommend posting to microsoft.public.smartphone or
microsoft.public.pocketpc.

This isn't something I've come across, my WM2005 device is always connected
over GPRS and I've never had any issues.

--
Paul Smith,
Yeovil, UK.
Microsoft MVP Windows Shell/User.
http://www.dasmirnov.net/blog/
http://www.windowsresource.net/

*Remove nospam. to reply by e-mail*
 
Jupiter Jones [MVP]

"...I would still blame Microsoft for not bundling a firewall..."
What in the Microsoft advertising indicated there was a firewall or
equivalent included?

Have you also installed any applicable updates?
For computers, quite often an update will prevent issues where the
firewall is either nonexistent or disabled.
Blaster from a few years ago is a good example.

Try one of the newsgroups for portable devices such as yours:
http://aumha.org/nntp.htm
 
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

At this point in time the attack surface of such a device is such that
you are probably the one and only person I've ever seen report
"intrusions" on such a device.

Even F-Secure that has an a/v for mobile apps have stated that they've not
seen many in the wild (if at all that I recall).

The best way to prove true "intrusions" is to fire up some sort of
packet sniffer.

Furthermore WinMobile 6 is out. 5 is now out of date.
 
Guest

"What in the Microsoft advertising indicated there was a firewall or
equivalent included?"

Please read my first post under this topic.

JJ
 
Guest

I bought a Windows Mobile 5 device since the only carrier that had a Windows
Mobile 6 device did not have Wi-Fi capability on that device (at least, at
the time I bought my device).

All carriers in Canada still sell Windows Mobile 5 devices.

And the attack surface shouldn't be the criteria that warrants a firewall.
Any device connected to the Internet must be protected by a firewall.

JJ
 
Guest

Agree... I don't know how Windows mobile implements tcp/ip security, but it
should implement some kind of firewall.

If it has or not, I don't know. However, most development is done on .net
which is a less vulnerable platform to be successfully "hacked" from outsiders.

If your wireless is on, it will still drain your battery... The firewall
should check if packages are allowed or not.

Here is something you may want to look at. Just did a google search.

http://www.mobilearmor.com
 
Guest

I'm talking about a more recent article I saw on the Web, as recent as last
week. It said that MP3s introduce vulnerabilities into their rendering
software.

And like I had mentioned in a previous post in this topic, my computer is
being controlled by someone else other than me.

JJ
 
Steve Riley [MSFT]

Folks, let's review what a firewall is supposed to do.

Consider desktop (meaning not Mobile) Windows. Its IP stack has a number of
listening sockets--ports that are open and waiting for incoming connections.
For instance: RPC portmapper on 135/tcp, various NetBIOS components on
137/udp and 138/udp and 139/tcp, plus a few others.

If you connect this computer to the Internet, you really don't want it to
accept any incoming connections on these ports. The purpose of a firewall is
to block unsolicited inbound traffic. Without a firewall, you have no
control over what someone might hurl at your network connection. A firewall
gives you this control. When the firewall is configured, the only traffic
that enters your computer is reply traffic to outbound requests. (Plus, you
could write rules to permit inbound traffic to certain ports, if you want.)

What if the IP stack had *no* listening sockets? Well, that stack wouldn't
need a firewall. There's nothing there for a firewall to protect. Firewalls
protect stacks by blocking inbound traffic to listening sockets. If there
are no listening sockets, firewalls are useless.

The stack in Windows Mobile is this kind of stack. It has no listening
sockets. The only traffic that enters the stack is reply traffic--which all
firewalls permit anyway. Because of its design, the Windows Mobile stack
doesn't require a firewall. Save your money (and memory and CPU
power)--don't install one.

JJ, a firewall isn't a panacea. It can't stop every kind of attack. I can't
comment on the troubles that you seem to be having (and, like the others
here, my WM device is always connected to the network and hasn't had a
single problem) -- but I can assure you that a firewall wouldn't have
helped.

Steve Riley
(e-mail address removed)
http://blogs.technet.com/steriley
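
The post above argues that an inbound firewall only has something to protect when the stack has listening sockets. The following is an added example, not part of the original thread: it parses constructed text in the layout of Windows `netstat -an` output and returns the non-loopback listening endpoints, which is the inventory an inbound rule set would have to cover. The sample data and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the layout of Windows `netstat -an` (not from the thread).
SAMPLE_DESKTOP = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     203.0.113.7:443        ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  UDP    192.168.1.10:137       *:*
  UDP    192.168.1.10:138       *:*
"""

# Constructed sample of a stack that only originates connections.
SAMPLE_CLIENT_ONLY = """\
  Proto  Local Address          Foreign Address        State
  TCP    10.20.30.40:1055       203.0.113.7:443        ESTABLISHED
  TCP    10.20.30.40:1056       203.0.113.9:110        TIME_WAIT
"""

def split_endpoint(endpoint):
    """Split 'host:port' or '[v6]:port' into (host, port), dropping any zone id."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], port

def exposed_listeners(netstat_text):
    """Return sorted (proto, port) pairs that accept unsolicited inbound traffic."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # header, blank line, or unrelated output
        proto, local, foreign = fields[0], fields[1], fields[2]
        state = fields[3] if len(fields) > 3 else ""
        # TCP listeners carry the LISTENING state; bound UDP sockets show '*:*'.
        listening = (state == "LISTENING") if proto == "TCP" else (foreign == "*:*")
        if not listening:
            continue  # established or closing connections are reply traffic
        host, port = split_endpoint(local)
        if ipaddress.ip_address(host).is_loopback:
            continue  # reachable only from the machine itself
        found.add((proto.lower(), int(port)))
    return sorted(found)

if __name__ == "__main__":
    print("desktop:", exposed_listeners(SAMPLE_DESKTOP))
    print("client-only:", exposed_listeners(SAMPLE_CLIENT_ONLY))
```

An empty result means there is no endpoint for an inbound rule to block; it says nothing about malware that arrives over connections the device itself opened.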
 
Guest

Thanks for the Firewall 101. However, how do you explain applications
starting up randomly and my Wi-Fi access turning on randomly when I leave my
device connected to the Internet?

JJ
 
Crazy Noddy

JJ said:
I'm talking about a more recent article I saw on the Web, as recent as last
week. It said that MP3s introduce vulnerabilities into their rendering
software.

And like I had mentioned in a previous post in this topic, my computer is
being controlled by someone else other than me.

JJ

Then why can't I find any info on it when I search with google? Either
provide the proof or I am apt to believe it is BS.
 
Guest

Well, I can't find the article anymore. It was some professor in some
university that said he was going to hold back information about these
vulnerabilities since he has not fully investigated them. He said when he has
enough info, he was going to email the MP3 player manufacturers. Now, he was
talking about Windows-based MP3 players, not the $39.99 players you get at
tigerdirect.ca.
 
Steve Riley [MSFT]

Like I said, I can't explain that--I've never seen such behavior myself, nor
have I heard of it before. Malware can enter a computer in many ways.
Firewalls are only one of many methods for defending a computer. But in the
case of Windows Mobile, firewalls are unnecessary because the kind of
defense they provide isn't required for that operating system.

Steve Riley
(e-mail address removed)
http://blogs.technet.com/steriley
 
Crazy Noddy

JJ said:
Well, I can't find the article anymore. It was some professor in some
university that said he was going to hold back information about these
vulnerabilities since he has not fully investigated them. He said when he has
enough info, he was going to email the MP3 player manufacturers.

Just as I thought, it is BS.
 
