Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
Windows 8 has a slew of new security options that have made protecting stored data and securing internet activities a lot easier. Combined with a good VPN, this system provides high level protection that even the average Windows user can manage with little effort.
First of all, Windows 8 computers have UEFI Secure Boot firmware. This allows your computer to check security certificates for the kernel, boot loader, drivers and system files against the information on a database as Windows is loading. This is like a mini operating system within Windows 8 that checks to make sure your usual OS hasn’t been tampered with.
On Windows 8, your antivirus software will start running even while the OS is still booting up. This is true as long as the system supports Early Load Anti Malware, or ELAM. This is added protection since the program is running before any malware can sneak onto your computer during the boot. In addition, if a rootkit got on your computer and is waiting to change Windows components when you boot, Windows will automatically find the code that it changes and replace it with the original, legitimate code from the Windows ‘side by side’ store. You won’t even see a warning for that during boot since it’s automatic. But you can always check the details in your antivirus warnings under the Action Center if you want to keep track.
Windows 8 Guard Pages
When Windows 8 is running, it is harder for attackers to use the heap (or the way it handles memory in use) to attack the OS, or any programs that are running. Previous versions of Windows allowed too much freedom to allocate memory so that it could overflow the buffer that it is supposed to fit in. This caused an opening that could be used to run an attack. The Windows 8 kernel has much tighter limits that overflow attacks have to be exactly the right size to work. The Windows 8 kernel can also put ‘guard pages’ of memory around all important strings of code. This acts as a defense system that directs malware to a section of memory that keeps it away from the system. If any malware tries to attack by corrupting the next chunk of memory coming in and overflowing, Windows will effectively shut down the process because it will detect that it is accessing invalid memory.
Windows 8 Randomising Memory and Memory Allocation
The Windows 8 tools for keeping track of memory allocated to specific applications now make sure that the memory allocated starts in a random place. Before, it would pick the allocated storage space based on a value that malware could interfere with or use the next free chunk of memory or a similarly predictable location. Now malware cannot make it point to malicious code because it cannot easily find where it is located. Randomizing memory works by collecting a mix of data when Windows 8 boots. This can come from performance logs, the clock, power management systems and other sources. These are combined into a new random number seed every time memory allocation runs. Memory that is not in use is also safer. Malware could before force the kernel on older OS to allocate memory to a program and then release it. This meant that a virus could use memory that Windows thought wasn’t in use and so remain undetected. This is now impossible.
Data Execution Prevention (DEP) in Windows 7 can mark memory allocated to applications for storing data. This is so that it cannot be used for running code. Address Space Layout Randomisation (ASLR) 7 makes program code load into different places, making it harder for malware to find where to attack. These protect Windows, but users have to depend on developers to turn them on when they write programs. Windows 8 will not run on systems that do not already have the hardware needed to mark memory as only for data (NX – Non executable). The improvements to the memory heap are also on by default. This way, they can protect everything independently. Windows 8 additionally uses the Supervisor Mode Execution Protection (SMEP), also known as OS Guard, in Ivy Bridge CPUs. This stops the CPU running any memory pages that are marked as ‘user’ pages that are only for data, rather than ‘kernel’. Using NX to protect kernel memory to prevent malware from targeting kernel memory so that it can bypass SMEP.
Buy VPN Software for Safer Wi-Fi on Windows 8
Connecting to a secure Wi-Fi hotspot requires a password and in some cases a certificate that is installed on your computer to facilitate access. Windows 8 adds support for several types of wireless and mobile Extensible Authentication Protocol standards. These enable the user to connect to secure networks without having to get the certificate or roam between different wireless and mobile broadband networks for access. The upcoming standard Hotspot 2.0 will make it even easier to automatically connect to Wi-Fi hotspots as users move around. The new protocols will make this work so Windows 8 tablet users will be ready to go online when mobile operators support Hotspot 2.0.
There is no additional security provided for other connections, and this is where a VPN steps in. With multiple network and router vulnerabilities, a VPN is needed to secure user traffic. The VPN will encrypt user data and traffic so that sniffing software will not be able to access usernames and passwords. This is especially important for users who have SOHO routers and who use free Wi-Fi hotspots. VPNs thus complete the circle of security for Windows 8 users by sealing off the other pathways that intruders might use to gain access to the device or the data sent to and from it.