- 01-08-2013, 03:10 PM #1
Circumventing Windows RT’s Code Integrity Mechanism « On the Surface of Security
The Surface hacking community is probably going to start progressing with this new information. There's finally a huge motive.
Note: Desktop applications must be "compiled" for ARM in order to run, but this can be done by anyone. Not all desktop applications will work because RT is missing certain libraries that Windows 8 has.
Edit- I accidentally typed "recompiled" instead of "compiled". The point of this find has nothing to do with anything that currently exists on legacy systems. The purpose is for what is possible and what new things can be done moving forward.
If you have something negative to say, don't say it. There is absolutely nothing negative about this, so that's an obvious indication that you are misunderstanding something.
Last edited by Robert Carpenter; 01-08-2013 at 05:03 PM.
- 01-08-2013, 03:57 PM #2
- 01-08-2013, 04:11 PM #3
To put it in a framework that those living in the American suburbs may understand, a hacker found the equivalent of an entrance to a cul-de-sac that should have had a road block. It may be an achievement but it will still never get you to the highway.
01-08-2013, 04:18 PM #4
- 18 Posts
to make matters worse, re-compiling for arm can only be legitimately done to open source apps, will u be recompiling someone elses prog.
best way forward is metro. theonly hack i will look forward to is installing metro apps without going through the store.
01-08-2013, 06:16 PM #5
- 340 Posts
It's a fairly minor change, and all it shows is what everyone already knows. Windows RT is exactly Windows 8, recompiled for arm cpus, with the security setting cranked to 11 :)
So this dials the "run apps signed with" to "nothing" and hey, presto, any arm binary will run. So you can compile for arm (you could already) and you don't need to sign the app, and it will run. This means any existing apps can be compiled (if you have the source - so open source apps, yes. Commercial apps - only if whoever owns the source decides to do it, and you can bet your bunnies no commercial software will do this until it is blessed by microsoft.)
Now, what will likely happen even if no hacker had done anything (and seriously this was a nice bit of tracking down what bits to flip) is that someday Microsoft will decide to let the user set the security level of the device (or more likely allow it to be controlled via policy such that, if you are using a surface with an enterprise email account the option to allow unsigned binaries can be controlled by the authority, not you)
That way, if you want to go back to the fun filled virus and malware days outside the walled garden (and really, who wouldn't want THAT?) you can choose to - unless your corp policy forbids it.
*That* is what this "hack" means. At least to me.
- By RedLine78 in forum Surface for Windows RTReplies: 32Last Post: 04-21-2013, 10:28 AM
- By martinblank64 in forum Surface for Windows RTReplies: 36Last Post: 03-13-2013, 02:10 PM
- By smoledman in forum Surface for Windows RTReplies: 1Last Post: 01-08-2013, 02:15 AM
- By hsalps in forum Surface for Windows RTReplies: 9Last Post: 11-20-2012, 02:03 AM
- By Lundon44 in forum General Tablet DiscussionReplies: 20Last Post: 10-18-2012, 01:06 PM