Win32 internals

Steve Kinney
Thu May 9 03:40:01 2002

Hi Malte & group!

>On Wednesday, 8 May 2002 06:46, Steve Kinney wrote:
>>Is there a FAQ or similar documentation that describes the
>>special issues in porting GnuPG to Windows?  I am especially
>>interested in the RNG (how it collects entropy) and the problem
>>of allocating memory that is not swapped out to disk.
>I think Werner is right very much, Windows has so many security
>holes, make this issue really a minor one ...

I know this is a common belief, but I know it is FUD.
Windows has several million /operators/ who are walking
security holes, because they are completely ignorant.  The
OS family itself is no more or less secure than, for instance,
Linux.  (Although of course Microsoft network /application/
software is horribly insecure, as demonstrated by numerous
IIS holes, swarming Outlook worms, root exploits in every
release of IE, etc. etc.)

A full Nessus scan of my home Win98 box failed to identify the
operating system and provided no advisories.  Using Floke
Integrity provides similar protection as Tripwire, and the
Pegasus Mail MUA has a perfect security record, over a 10 year
period.  As long as you use it for its proper purpose-- a
network /client/-- Win32 can be made as secure as any OS on the

On the other side of the coin, the HoneyNet project found
that the half-life of unpatched Red Hat on a high-bandwidth
connection is about 72 hours until cracked and owned.  That's
less secure than any Windows OS, out of the box.  Linux can be
/made/ highly secure, but it takes an informed and pro-active
operator to do it.  Even then, Bad Things can happen.
Just last week, Robert J. Hansen, a well known crypto engineer
and UNIX programmer, had his own Linux box rooted.  (He blames
a wu-ftpd exploit.)  This forced him to revoke his
long standing public keys.

>but Win NT 4 offers a way to clean the swapfile at shutdown,
>you can find the needed registry entry here :
>Win 9x/ME/2K/XP may have something similar, I don't know

None provided.  If you want to wipe the swap file properly on
9.x/ME, you have to disable dynamic swap file allocation, and
use a 3rd party app like eraserd.exe.  I have used DOS batch to
reconfigure autoexec.bat to tell the wiper to eat win386.swp on
start-up, then return to normal automagically.  (Anyone wants
the generic batch files, ask & I'll send them along.)

Back to the point:  As far as I can tell, an entropy gathering
daemon similar to dev/random would offer a major improvement
over the RNG now used in Win32 GPG.  I can't write one, but I am
hoping that someone will sometime soon.  As for memory locking,
that's mostly a public relations issue-- maybe .001% of users
could be affected by swap file leakage, and besides, the text
editor will always spread plain text all over the swap file...

IMO every time a major GPL application makes it over the fence
into the Windoze world, a small part of Microsoft's foundation
crumbles away.  There is no better way to promote GNU/Linux and
its cousins, than to teach Windows users to rely on applications
native to the GNU environment.  Right now, new business users
have /no/ legal alternative to GnuPG for PGP crypto.  A few
thousand people who still think computer = Windows are getting
their first exposure to the GNU world via GnuPG, and many more
are to come.  If these folks are left with the impression that
the GNU community is hostile or elitist-- which it is not!-- the
only party to benefit will be Microsoft itself.

The helpful & pro-active nature of the Linux community is
what sold me on GNU, and the only reasons I am using Windows
right now are 1) AutoDesk CAD, 2) lots of lost-time
incidents with dual boot configurations, and 3) I need a
real modem anyway.


Steve K